SCT spec: https://bugzilla.tianocore.org/show_bug.cgi?id=4374
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4419 -Implement MemoryOverwriteRequestControlLock Unlocked State test cases -Add Assertions 17, 18, 19, and 20 from SCT spec -Add Test Case to MemoryOverwriteRequestFunctionTest Cc: G Edhaya Chandran <edhaya.chand...@arm.com> Cc: Barton Gao <gao...@byosoft.com.cn> Cc: Carolyn Gjertsen <carolyn.gjert...@amd.com> Signed-off-by: Abhi Singh <abhi.si...@arm.com> Reviewed-by: Stuart Yoder <stuart.yo...@arm.com> --- uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h | 20 ++ uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h | 7 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c | 8 + uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c | 241 +++++++++++++++++++- 4 files changed, 275 insertions(+), 1 deletion(-) diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h index 891f494dbc70..1ca43a393f29 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.h @@ -73,6 +73,18 @@ Abstract: #define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID \ { 0x169a43cc, 0x23fa, 0x4887, {0x8b, 0x4f, 0x11, 0xb2, 0xa0, 0x88, 0x4f, 0x63 }} +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID \ +{ 0x7c11d0ab, 0x7a84, 0x482b, {0xb7, 0x5a, 0xd7, 0x72, 0x6c, 0x3e, 0xae, 0x0e }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID \ +{ 0xbbaa52b6, 0x5576, 0x4acd, {0xb9, 0x5f, 0x86, 0x22, 0x5e, 0xfc, 0xb0, 0x31 }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID \ +{ 0x60b227e0, 0x9f5c, 0x412c, {0x88, 0x79, 0xd3, 0x59, 0xfc, 0xd0, 0xdd, 0x3f }} + +#define EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID \ +{ 0x2eba284a, 0xf701, 0x4c19, {0xbe, 0x5c, 0x39, 0x27, 0xb0, 0x68, 0x4f, 0xd7 }} + extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid001; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid002; @@ -104,3 +116,11 @@ extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015; extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019; + +extern EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h index 553959762be8..15eedc60f19d 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestMain.h @@ -100,6 +100,13 @@ TCGMemoryOverwriteRequestControlLockSetVariable ( IN RESET_DATA *ResetData ); +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData +); + // **************************************************************************** // Entry GUIDs for Test // **************************************************************************** diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c index d861c44e3960..fe8853452979 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/Guid.c @@ -59,3 +59,11 @@ EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid014 = EFI_TEST_TCGMO EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid015 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_015_GUID; EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid016 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_016_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_017_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_018_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_019_GUID; + +EFI_GUID gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020 = EFI_TEST_TCGMORTESTFUNCTION_ASSERTION_020_GUID; diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c index f0c6029c9afb..fe5ca180c104 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/RuntimeServices/TCGMemoryOverwriteRequest/BlackBoxTest/TCGMemoryOverwriteRequestBBTestFunction.c @@ -41,6 +41,8 @@ Abstract: #define LOCK_UNLOCKED_STATE_TEST 4 +#define LOCK_NO_KEY_STATE_TEST 5 + /** * Entry point for TCG Platform Reset Attack Mitigation MemoryOverwrite EFI Variables Function Test. @@ -168,6 +170,16 @@ BBTestTCGMemoryOverwriteRequestFunctionTest ( } CheckpointStepMatched = TRUE; } + if (ResetData->CheckpointStep == LOCK_UNLOCKED_STATE_TEST) { + // + // Test Checkpoint LOCK_UNLOCKED_STATE_TEST + // + Status = TCGMemoryOverwriteRequestControlLockUnlockedState (StandardLib, RecoveryLib, ResetData); + if(EFI_ERROR(Status)) { + return Status; + } + CheckpointStepMatched = TRUE; + } if (!CheckpointStepMatched) { return EFI_INVALID_PARAMETER; // incase of invalid CheckpointStep, return EFI_INVALID_PARAMETER @@ -1007,4 +1019,231 @@ MORLOCK_SET_VARIABLE: ); return EFI_SUCCESS; -} \ No newline at end of file +} + + +/** + * MemoryOverwriteRequestControlLock in unlocked state test + * When unlocked, the lock should stay unlocked when passed a valid value of 0x00 + * + * When passed an invalid Data value != 0x00 or != 0x01, such as 0x02, + * the lock must stay unlocked and return EFI_INVALID_PARAMETER + * @param StandardLib A pointer to EFI_STANDARD_TEST_LIBRARY_PROTOCOL + * instance. + * @param RecoveryLib A pointer to EFI_TEST_RECOVERY_LIBRARY_PROTOCOL + * instance. + * @param ResetData A pointer to the ResetData Buffer which is used throughout + * the test + * @return EFI_SUCCESS Successfully. + * @return Other value Something failed. + */ +EFI_STATUS +TCGMemoryOverwriteRequestControlLockUnlockedState ( + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib, + IN EFI_TEST_RECOVERY_LIBRARY_PROTOCOL *RecoveryLib, + IN RESET_DATA *ResetData + ) +{ + EFI_STATUS Status; + EFI_TEST_ASSERTION Result; + UINTN DataSize; + UINT8 MemoryOverwriteRequestControlLockData; + UINT32 Attributes; + + // + // Check Step to see which part of test remains to be executed + // + switch (ResetData->Step) { + case 0: + goto INITIAL_RESET; + case 1: + goto MORLOCK_UNLOCKED_STATE; + default: + return EFI_INVALID_PARAMETER; + } + +INITIAL_RESET: + // + // Reset MORLOCK variable by performing a cold reset + // + + ResetData->Step = 1; + ResetData->CheckpointStep = LOCK_UNLOCKED_STATE_TEST; + Status = RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + SctPrint (L"System will cold reset after 1 second and test will be resumed after reboot."); + Status = gtBS->Stall(1000000); + if (EFI_ERROR(Status)) { + // Handle stall error + SctPrint(L"Error: Failed to stall the system.\n"); + return Status; + } + gtRT->ResetSystem ( + EfiResetCold, + EFI_SUCCESS, + 0, + NULL + ); + SctPrint(L"Error: Failed to perform a cold reset.\n"); + return EFI_DEVICE_ERROR; + +MORLOCK_UNLOCKED_STATE: + // + // Testing MORLOCK scenarios when the Variable is in the unlocked state + // + + ResetData->Step = 0; + ResetData->CheckpointStep = LOCK_NO_KEY_STATE_TEST; + Status = RecoveryLib->WriteResetRecord ( + RecoveryLib, + sizeof (RESET_DATA), + (UINT8*)ResetData + ); + if (EFI_ERROR(Status)) { + StandardLib->RecordAssertion ( + StandardLib, + EFI_TEST_ASSERTION_FAILED, + gTestGenericFailureGuid, + L"TestRecoveryLib - WriteResetRecord", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + return Status; + } + + // + // Setting MORLOCK to unlocked when already in unlocked state should return EFI_SUCCESS + // and the MORLOCK value should still be = 0x00 or unlocked + // + DataSize = sizeof(MemoryOverwriteRequestControlLockData); + Attributes = TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData = MOR_LOCK_DATA_UNLOCKED; + + Status = gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // VariableName + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status == EFI_SUCCESS) { + Result = EFI_TEST_ASSERTION_PASSED; + } else { + Result = EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid017, + L"MemoryOverwriteRequestControlLock - Setting to unlocked when already unlocked should return EFI_SUCCESS", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + Status = gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // VariableName + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) { + Result = EFI_TEST_ASSERTION_FAILED; + } else { + Result = EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid018, + L"MemoryOverwriteRequestControlLock - Lock value remains unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + // + // Setting MORLOCK with an invalid Data parameter != 0x01 should return EFI_INVALID_PARAMETER + // and the MORLOCK value should still be = 0x00 + // + DataSize = sizeof(MemoryOverwriteRequestControlLockData); + Attributes = TCG_MOR_VARIABLE_ATTRIBUTES; + MemoryOverwriteRequestControlLockData = 0x02; + + Status = gtRT->SetVariable ( + L"MemoryOverwriteRequestControlLock", // VariableName + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid + Attributes, // Attributes + DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (Status == EFI_INVALID_PARAMETER) { + Result = EFI_TEST_ASSERTION_PASSED; + } else { + Result = EFI_TEST_ASSERTION_FAILED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid019, + L"MemoryOverwriteRequestControlLock - Invalid Data = 0x02 returns EFI_INVALID_PARAMETER", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + DataSize = sizeof(MemoryOverwriteRequestControlLockData); + Attributes = TCG_MOR_VARIABLE_ATTRIBUTES; + + Status = gtRT->GetVariable ( + L"MemoryOverwriteRequestControlLock", // VariableName + &gEfiMemoryOverwriteRequestControlLockGuid, // VendorGuid + &Attributes, // Attributes + &DataSize, // DataSize + &MemoryOverwriteRequestControlLockData // Data + ); + if (EFI_ERROR (Status) || (MemoryOverwriteRequestControlLockData != MOR_LOCK_DATA_UNLOCKED)) { + Result = EFI_TEST_ASSERTION_FAILED; + } else { + Result = EFI_TEST_ASSERTION_PASSED; + } + + StandardLib->RecordAssertion ( + StandardLib, + Result, + gTCGMemoryOverwriteRequestTestFunctionAssertionGuid020, + L"MemoryOverwriteRequestControlLock - Lock value remains unlocked", + L"%a:%d:Status - %r", + __FILE__, + (UINTN)__LINE__, + Status + ); + + return EFI_SUCCESS; +} -- 2.34.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#116410): https://edk2.groups.io/g/devel/message/116410 Mute This Topic: https://groups.io/mt/104756655/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
