All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for
@ 2022-11-04 15:02 emekcan.aras
  2022-11-04 15:02 ` [PATCH 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
  2022-11-04 15:02 ` [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
  0 siblings, 2 replies; 4+ messages in thread
From: emekcan.aras @ 2022-11-04 15:02 UTC (permalink / raw)
  To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan

From: Emekcan <emekcan.aras@arm.com>

The SMM gateway in trusted-services does not return the right error 
values  in negative cases. This patchset fixes those issues as 
expected in EDK2-tests.

Emekcan (2):
  arm-bsp/trusted-services: add checks for null attributes in smm
    gateway
  arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm
    gateway

 ...teway-add-checks-for-null-attributes.patch | 35 +++++++++++++++++++
 .../0022-GetNextVariableName-Fix.patch        | 33 +++++++++++++++++
 .../trusted-services/ts-corstone1000.inc      |  2 ++
 3 files changed, 70 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
 create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch

-- 
2.17.1



^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway
  2022-11-04 15:02 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
@ 2022-11-04 15:02 ` emekcan.aras
  2022-11-04 15:02 ` [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
  1 sibling, 0 replies; 4+ messages in thread
From: emekcan.aras @ 2022-11-04 15:02 UTC (permalink / raw)
  To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan

From: Emekcan <emekcan.aras@arm.com>

As in EDK-2 and EDK-2 test code, setVariable() with 0
attributes means a delete variable requiest. Currently,
smm gateway doesn't handle this scenario. This commit
adds that support

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 ...teway-add-checks-for-null-attributes.patch | 35 +++++++++++++++++++
 .../trusted-services/ts-corstone1000.inc      |  1 +
 2 files changed, 36 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch

diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
new file mode 100644
index 00000000..87c053fc
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
@@ -0,0 +1,35 @@
+From 6d3cac6f3a6e977e9330c9c06514a372ade170a2 Mon Sep 17 00:00:00 2001
+From: Emekcan <emekcan.aras@arm.com>
+Date: Wed, 2 Nov 2022 09:58:27 +0000
+Subject: [PATCH] smm_gateway: add checks for null attributes
+
+As par EDK-2 and EDK-2 test code, setVariable() with 0 
+attributes means a delete variable request. Currently, 
+smm gatway doesn't handle this scenario. This commit adds
+that support.
+
+Upstream-Status: Pending
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+---
+ components/service/smm_variable/backend/uefi_variable_store.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c
+index 6c3b9ed8..a691dc5d 100644
+--- a/components/service/smm_variable/backend/uefi_variable_store.c
++++ b/components/service/smm_variable/backend/uefi_variable_store.c
+@@ -202,9 +202,9 @@ efi_status_t uefi_variable_store_set_variable(
+ 		if (info->is_variable_set) {
+ 
+ 			/* It's a request to update to an existing variable */
+-			if (!(var->Attributes &
++			if (!(var->Attributes) || (!(var->Attributes &
+ 				(EFI_VARIABLE_APPEND_WRITE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS_MASK)) &&
+-				!var->DataSize) {
++				!var->DataSize)) {
+ 
+ 				/* It's a remove operation - for a remove, the variable
+ 				 * data must be removed from the storage backend before
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index 0d856bc5..d56a4a9a 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -21,4 +21,5 @@ SRC_URI:append:corstone1000  = " \
     file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \
     file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
     file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
+    file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
     "
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway
  2022-11-04 15:02 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
  2022-11-04 15:02 ` [PATCH 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
@ 2022-11-04 15:02 ` emekcan.aras
  1 sibling, 0 replies; 4+ messages in thread
From: emekcan.aras @ 2022-11-04 15:02 UTC (permalink / raw)
  To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan

From: Emekcan <emekcan.aras@arm.com>

GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
when NameSize is smaller than the actual NameSize. It
currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
max_name_len incorrectly. This fixes max_name_len error by
replacing it with actual NameSize request by u-boot.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 .../0022-GetNextVariableName-Fix.patch        | 33 +++++++++++++++++++
 .../trusted-services/ts-corstone1000.inc      |  1 +
 2 files changed, 34 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch

diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
new file mode 100644
index 00000000..ed4e6e27
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
@@ -0,0 +1,33 @@
+From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001
+From: Emekcan <emekcan.aras@arm.com>
+Date: Thu, 3 Nov 2022 17:43:40 +0000
+Subject: [PATCH] smm_gateway: GetNextVariableName Fix
+
+GetNextVariableName() should return EFI_BUFFER_TOO_SMALL 
+when NameSize is smaller than the actual NameSize. It 
+currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
+max_name_len incorrectly. This fixes max_name_len error by
+replacing it with actual NameSize request by u-boot.
+
+Upstream-Status: Pending
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+---
+ .../service/smm_variable/provider/smm_variable_provider.c       | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c
+index a9679b7e..6a4b6fa7 100644
+--- a/components/service/smm_variable/provider/smm_variable_provider.c
++++ b/components/service/smm_variable/provider/smm_variable_provider.c
+@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re
+ 			efi_status = uefi_variable_store_get_next_variable_name(
+ 				&this_instance->variable_store,
+ 				(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data,
+-				max_name_len,
++				((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize,
+ 				&resp_buf->data_len);
+ 		}
+ 		else {
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index d56a4a9a..e97fb593 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -22,4 +22,5 @@ SRC_URI:append:corstone1000  = " \
     file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
     file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
     file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
+    file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
     "
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway
  2022-11-07 11:41 [PATCH 0/2] arm-bsp/trusted-services:smm gateway fixes emekcan.aras
@ 2022-11-07 11:41 ` emekcan.aras
  0 siblings, 0 replies; 4+ messages in thread
From: emekcan.aras @ 2022-11-07 11:41 UTC (permalink / raw)
  To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan

From: Emekcan <emekcan.aras@arm.com>

GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
when NameSize is smaller than the actual NameSize. It
currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
max_name_len incorrectly. This fixes max_name_len error by
replacing it with actual NameSize request by u-boot.

Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
 .../0022-GetNextVariableName-Fix.patch        | 33 +++++++++++++++++++
 .../trusted-services/ts-corstone1000.inc      |  1 +
 2 files changed, 34 insertions(+)
 create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch

diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
new file mode 100644
index 00000000..ed4e6e27
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
@@ -0,0 +1,33 @@
+From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001
+From: Emekcan <emekcan.aras@arm.com>
+Date: Thu, 3 Nov 2022 17:43:40 +0000
+Subject: [PATCH] smm_gateway: GetNextVariableName Fix
+
+GetNextVariableName() should return EFI_BUFFER_TOO_SMALL 
+when NameSize is smaller than the actual NameSize. It 
+currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
+max_name_len incorrectly. This fixes max_name_len error by
+replacing it with actual NameSize request by u-boot.
+
+Upstream-Status: Pending
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+---
+ .../service/smm_variable/provider/smm_variable_provider.c       | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c
+index a9679b7e..6a4b6fa7 100644
+--- a/components/service/smm_variable/provider/smm_variable_provider.c
++++ b/components/service/smm_variable/provider/smm_variable_provider.c
+@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re
+ 			efi_status = uefi_variable_store_get_next_variable_name(
+ 				&this_instance->variable_store,
+ 				(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data,
+-				max_name_len,
++				((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize,
+ 				&resp_buf->data_len);
+ 		}
+ 		else {
+-- 
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index d56a4a9a..e97fb593 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -22,4 +22,5 @@ SRC_URI:append:corstone1000  = " \
     file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
     file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
     file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
+    file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
     "
-- 
2.17.1



^ permalink raw reply related	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2022-11-07 11:42 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-04 15:02 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
2022-11-04 15:02 ` [PATCH 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
2022-11-04 15:02 ` [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
2022-11-07 11:41 [PATCH 0/2] arm-bsp/trusted-services:smm gateway fixes emekcan.aras
2022-11-07 11:41 ` [PATCH 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway emekcan.aras

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.