* [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for
@ 2022-11-04 15:04 emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: emekcan.aras @ 2022-11-04 15:04 UTC (permalink / raw)
To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan
From: Emekcan <emekcan.aras@arm.com>
The SMM gateway in trusted-services does not return the right error
values in negative cases. This patchset fixes those issues as
expected in EDK2-tests.
Emekcan (2):
arm-bsp/trusted-services: add checks for null attributes in smm
gateway
arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm
gateway
...teway-add-checks-for-null-attributes.patch | 35 +++++++++++++++++++
.../0022-GetNextVariableName-Fix.patch | 33 +++++++++++++++++
.../trusted-services/ts-corstone1000.inc | 2 ++
3 files changed, 70 insertions(+)
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
--
2.17.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH langdale 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway
2022-11-04 15:04 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
@ 2022-11-04 15:04 ` emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
2022-11-07 19:03 ` [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for Jon Mason
2 siblings, 0 replies; 5+ messages in thread
From: emekcan.aras @ 2022-11-04 15:04 UTC (permalink / raw)
To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan
From: Emekcan <emekcan.aras@arm.com>
As in EDK-2 and EDK-2 test code, setVariable() with 0
attributes means a delete variable requiest. Currently,
smm gateway doesn't handle this scenario. This commit
adds that support
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
...teway-add-checks-for-null-attributes.patch | 35 +++++++++++++++++++
.../trusted-services/ts-corstone1000.inc | 1 +
2 files changed, 36 insertions(+)
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
new file mode 100644
index 00000000..87c053fc
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
@@ -0,0 +1,35 @@
+From 6d3cac6f3a6e977e9330c9c06514a372ade170a2 Mon Sep 17 00:00:00 2001
+From: Emekcan <emekcan.aras@arm.com>
+Date: Wed, 2 Nov 2022 09:58:27 +0000
+Subject: [PATCH] smm_gateway: add checks for null attributes
+
+As par EDK-2 and EDK-2 test code, setVariable() with 0
+attributes means a delete variable request. Currently,
+smm gatway doesn't handle this scenario. This commit adds
+that support.
+
+Upstream-Status: Pending
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+---
+ components/service/smm_variable/backend/uefi_variable_store.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/components/service/smm_variable/backend/uefi_variable_store.c b/components/service/smm_variable/backend/uefi_variable_store.c
+index 6c3b9ed8..a691dc5d 100644
+--- a/components/service/smm_variable/backend/uefi_variable_store.c
++++ b/components/service/smm_variable/backend/uefi_variable_store.c
+@@ -202,9 +202,9 @@ efi_status_t uefi_variable_store_set_variable(
+ if (info->is_variable_set) {
+
+ /* It's a request to update to an existing variable */
+- if (!(var->Attributes &
++ if (!(var->Attributes) || (!(var->Attributes &
+ (EFI_VARIABLE_APPEND_WRITE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS_MASK)) &&
+- !var->DataSize) {
++ !var->DataSize)) {
+
+ /* It's a remove operation - for a remove, the variable
+ * data must be removed from the storage backend before
+--
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index 0d856bc5..d56a4a9a 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -21,4 +21,5 @@ SRC_URI:append:corstone1000 = " \
file://0018-Fixes-in-AEAD-for-psa-arch-test-54-and-58.patch;patchdir=../trusted-services \
file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
+ file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
"
--
2.17.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH langdale 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway
2022-11-04 15:04 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
@ 2022-11-04 15:04 ` emekcan.aras
2022-11-07 19:03 ` [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for Jon Mason
2 siblings, 0 replies; 5+ messages in thread
From: emekcan.aras @ 2022-11-04 15:04 UTC (permalink / raw)
To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan
From: Emekcan <emekcan.aras@arm.com>
GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
when NameSize is smaller than the actual NameSize. It
currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
max_name_len incorrectly. This fixes max_name_len error by
replacing it with actual NameSize request by u-boot.
Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
---
.../0022-GetNextVariableName-Fix.patch | 33 +++++++++++++++++++
.../trusted-services/ts-corstone1000.inc | 1 +
2 files changed, 34 insertions(+)
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
diff --git a/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
new file mode 100644
index 00000000..ed4e6e27
--- /dev/null
+++ b/meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
@@ -0,0 +1,33 @@
+From 2aa665ad2cb13bc79b645db41686449a47593aab Mon Sep 17 00:00:00 2001
+From: Emekcan <emekcan.aras@arm.com>
+Date: Thu, 3 Nov 2022 17:43:40 +0000
+Subject: [PATCH] smm_gateway: GetNextVariableName Fix
+
+GetNextVariableName() should return EFI_BUFFER_TOO_SMALL
+when NameSize is smaller than the actual NameSize. It
+currently returns EFI_BUFFER_OUT_OF_RESOURCES due to setting
+max_name_len incorrectly. This fixes max_name_len error by
+replacing it with actual NameSize request by u-boot.
+
+Upstream-Status: Pending
+Signed-off-by: Emekcan Aras <emekcan.aras@arm.com>
+---
+ .../service/smm_variable/provider/smm_variable_provider.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/components/service/smm_variable/provider/smm_variable_provider.c b/components/service/smm_variable/provider/smm_variable_provider.c
+index a9679b7e..6a4b6fa7 100644
+--- a/components/service/smm_variable/provider/smm_variable_provider.c
++++ b/components/service/smm_variable/provider/smm_variable_provider.c
+@@ -197,7 +197,7 @@ static rpc_status_t get_next_variable_name_handler(void *context, struct call_re
+ efi_status = uefi_variable_store_get_next_variable_name(
+ &this_instance->variable_store,
+ (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data,
+- max_name_len,
++ ((SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME*)resp_buf->data)->NameSize,
+ &resp_buf->data_len);
+ }
+ else {
+--
+2.17.1
+
diff --git a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
index d56a4a9a..e97fb593 100644
--- a/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
+++ b/meta-arm-bsp/recipes-security/trusted-services/ts-corstone1000.inc
@@ -22,4 +22,5 @@ SRC_URI:append:corstone1000 = " \
file://0019-plat-corstone1000-change-default-smm-values.patch;patchdir=../trusted-services \
file://0020-FMP-Support-in-Corstone1000.patch;patchdir=../trusted-services \
file://0021-smm_gateway-add-checks-for-null-attributes.patch;patchdir=../trusted-services \
+ file://0022-GetNextVariableName-Fix.patch;patchdir=../trusted-services \
"
--
2.17.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for
2022-11-04 15:04 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
@ 2022-11-07 19:03 ` Jon Mason
2 siblings, 0 replies; 5+ messages in thread
From: Jon Mason @ 2022-11-07 19:03 UTC (permalink / raw)
To: meta-arm, emekcan.aras, Jon.Mason, Ross.Burton; +Cc: nd
On Fri, 4 Nov 2022 15:04:47 +0000, emekcan.aras@arm.com wrote:
> The SMM gateway in trusted-services does not return the right error
> values in negative cases. This patchset fixes those issues as
> expected in EDK2-tests.
>
> Emekcan (2):
> arm-bsp/trusted-services: add checks for null attributes in smm
> gateway
> arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm
> gateway
>
> [...]
Applied, thanks!
[1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway
commit: 5fd87e47f6d6ef4949123a2b21a6a4217b84ecc2
[2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm gateway
commit: a41572a03284c13c31c612bc04eb6c34bdf9f03d
Best regards,
--
Jon Mason <jon.mason@arm.com>
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for
@ 2022-11-04 15:02 emekcan.aras
0 siblings, 0 replies; 5+ messages in thread
From: emekcan.aras @ 2022-11-04 15:02 UTC (permalink / raw)
To: meta-arm, Jon.Mason, Ross.Burton; +Cc: nd, Emekcan
From: Emekcan <emekcan.aras@arm.com>
The SMM gateway in trusted-services does not return the right error
values in negative cases. This patchset fixes those issues as
expected in EDK2-tests.
Emekcan (2):
arm-bsp/trusted-services: add checks for null attributes in smm
gateway
arm-bsp/trusted-services: Fix GetNextVariable max_name_len in smm
gateway
...teway-add-checks-for-null-attributes.patch | 35 +++++++++++++++++++
.../0022-GetNextVariableName-Fix.patch | 33 +++++++++++++++++
.../trusted-services/ts-corstone1000.inc | 2 ++
3 files changed, 70 insertions(+)
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0021-smm_gateway-add-checks-for-null-attributes.patch
create mode 100644 meta-arm-bsp/recipes-security/trusted-services/corstone1000/0022-GetNextVariableName-Fix.patch
--
2.17.1
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-11-07 19:04 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-04 15:04 [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 1/2] arm-bsp/trusted-services: add checks for null attributes in smm gateway emekcan.aras
2022-11-04 15:04 ` [PATCH langdale 2/2] arm-bsp/trusted-services: Fix GetNextVariable max_name_len " emekcan.aras
2022-11-07 19:03 ` [PATCH 0/2] arm-bsp/trusted-services: smm gateway fixes for Jon Mason
-- strict thread matches above, loose matches on Subject: below --
2022-11-04 15:02 emekcan.aras
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.