From nobody Tue Dec 24 17:04:37 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1512629193407382.5423393809382; Wed, 6 Dec 2017 22:46:33 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 013AA2218E94B; Wed, 6 Dec 2017 22:41:59 -0800 (PST) Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D3B6A2218E947 for ; Wed, 6 Dec 2017 22:41:57 -0800 (PST) Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Dec 2017 22:46:30 -0800 Received: from chenche4.ccr.corp.intel.com ([10.239.158.36]) by FMSMGA003.fm.intel.com with ESMTP; 06 Dec 2017 22:46:29 -0800 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Permerror (SPF Permanent Error: More than 10 MX records returned) identity=mailfrom; client-ip=192.55.52.120; helo=mga04.intel.com; envelope-from=chen.a.chen@intel.com; receiver=edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,371,1508828400"; d="scan'208";a="9816556" From: chenc2 To: edk2-devel@lists.01.org Date: Thu, 7 Dec 2017 14:46:27 +0800 Message-Id: <20171207064627.14040-1-chen.a.chen@intel.com> X-Mailer: git-send-email 2.13.2.windows.1 Subject: [edk2] [PATCH] MdeModulePkg/Variable/RuntimeDxe: Modify function return status X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Zhang Chao MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" Make VariableServiceSetVariable and VariableServiceQueryVariableInfo functions return status following UEFI 2.7 spec. Cc: Zhang Chao Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: chenc2 Reviewed-by : Chao Zhang --- .../Universal/Variable/RuntimeDxe/Variable.c | 26 ++++++++++++++++--= ---- 1 file changed, 19 insertions(+), 7 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeMod= ulePkg/Universal/Variable/RuntimeDxe/Variable.c index f39be6b0b4..d7128fe105 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3145,7 +3145,11 @@ VariableServiceSetVariable ( // Make sure if runtime bit is set, boot service bit is set also. // if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVIC= E_ACCESS)) =3D=3D EFI_VARIABLE_RUNTIME_ACCESS) { - return EFI_INVALID_PARAMETER; + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) !=3D 0) { + return EFI_UNSUPPORTED; + } else { + return EFI_INVALID_PARAMETER; + } } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) !=3D 0) { if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) { // @@ -3168,15 +3172,16 @@ VariableServiceSetVariable ( // if (((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) =3D=3D EFI_V= ARIABLE_AUTHENTICATED_WRITE_ACCESS) && ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)= =3D=3D EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) { - return EFI_INVALID_PARAMETER; + return EFI_UNSUPPORTED; } =20 if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) =3D=3D EFI_VA= RIABLE_AUTHENTICATED_WRITE_ACCESS) { - if (DataSize < AUTHINFO_SIZE) { - // - // Try to write Authenticated Variable without AuthInfo. - // - return EFI_SECURITY_VIOLATION; + // + // If DataSize =3D=3D AUTHINFO_SIZE and then PayloadSize is 0. + // Maybe it's the delete operation of common authenticated variable a= t user physical presence. + // + if (DataSize !=3D AUTHINFO_SIZE) { + return EFI_UNSUPPORTED; } PayloadSize =3D DataSize - AUTHINFO_SIZE; } else if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACC= ESS) =3D=3D EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) { @@ -3522,6 +3527,13 @@ VariableServiceQueryVariableInfo ( return EFI_INVALID_PARAMETER; } =20 + if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) !=3D 0) { + // + // Deprecated attribute, make this check as highest priority. + // + return EFI_UNSUPPORTED; + } + if ((Attributes & EFI_VARIABLE_ATTRIBUTES_MASK) =3D=3D 0) { // // Make sure the Attributes combination is supported by the platform. --=20 2.13.2.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel