| Message ID | 1414146540-9804-1-git-send-email-ivan.hu@canonical.com |
|---|---|
| State | Accepted |
| Headers | show |
On 24/10/14 11:29, Ivan Hu wrote: > Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS > and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware > should return EFI_INVALID_PARAMETER. > > Signed-off-by: Ivan Hu <ivan.hu@canonical.com> > --- > src/uefi/uefirtauthvar/uefirtauthvar.c | 50 ++++++++++++++++++++++++++++++++ > 1 file changed, 50 insertions(+) > > diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c > index 0a811ce..7566a04 100644 > --- a/src/uefi/uefirtauthvar/uefirtauthvar.c > +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c > @@ -665,6 +665,55 @@ static int uefirtauthvar_test11(fwts_framework *fw) > return FWTS_ERROR; > } > > +/* > + * Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS > + * and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware > + * should return EFI_INVALID_PARAMETER. > + */ > +static int uefirtauthvar_test12(fwts_framework *fw) > +{ > + long ioret; > + > + uint64_t status; > + uint32_t attr_both = attributes | FWTS_UEFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; > + > + ioret = setvar(>estguid, attr_both, sizeof(AuthVarCreate), AuthVarCreate, &status); > + > + if (ioret == -1) { > + if (status == EFI_INVALID_PARAMETER) { > + fwts_passed(fw, "Test with both authenticated attributes are set passed."); > + > + return FWTS_OK; > + } > + if (status == EFI_OUT_OF_RESOURCES) { > + fwts_uefi_print_status_info(fw, status); > + fwts_skipped(fw, > + "Run out of resources for SetVariable " > + "UEFI runtime interface: cannot test."); > + fwts_advice(fw, > + "Firmware may reclaim some resources " > + "after rebooting. Reboot and test " > + "again may be helpful to continue " > + "the test."); > + return FWTS_SKIP; > + } > + fwts_failed(fw, LOG_LEVEL_MEDIUM, > + "UEFIRuntimeSetVariable", > + "Failed to set variable with UEFI " > + "runtime service."); > + > + fwts_uefi_print_status_info(fw, status); > + return FWTS_ERROR; > + } > + > + fwts_failed(fw, LOG_LEVEL_HIGH, > + "UEFSetAuthVarWithBothAuthAttr", > + "Should not pass setting the authenticated variable " > + "with both authenticated attributes are set."); > + return FWTS_ERROR; > +} > + > + > static fwts_framework_minor_test uefirtauthvar_tests[] = { > { uefirtauthvar_test1, "Create authenticated variable test." }, > { uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." }, > @@ -677,6 +726,7 @@ static fwts_framework_minor_test uefirtauthvar_tests[] = { > { uefirtauthvar_test9, "Authenticated variable test with invalid modified timestamp." }, > { uefirtauthvar_test10, "Authenticated variable test with different guid." }, > { uefirtauthvar_test11, "Authenticated variable test with invalid attributes." }, > + { uefirtauthvar_test12, "Test with both authenticated attributes are set." }, > { NULL, NULL } > }; > > Acked-by: Colin Ian King <colin.king@canonical.com>
On 14-10-24 06:29 PM, Ivan Hu wrote: > Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS > and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware > should return EFI_INVALID_PARAMETER. > > Signed-off-by: Ivan Hu <ivan.hu@canonical.com> > --- > src/uefi/uefirtauthvar/uefirtauthvar.c | 50 ++++++++++++++++++++++++++++++++ > 1 file changed, 50 insertions(+) > > diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c > index 0a811ce..7566a04 100644 > --- a/src/uefi/uefirtauthvar/uefirtauthvar.c > +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c > @@ -665,6 +665,55 @@ static int uefirtauthvar_test11(fwts_framework *fw) > return FWTS_ERROR; > } > > +/* > + * Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS > + * and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware > + * should return EFI_INVALID_PARAMETER. > + */ > +static int uefirtauthvar_test12(fwts_framework *fw) > +{ > + long ioret; > + > + uint64_t status; > + uint32_t attr_both = attributes | FWTS_UEFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; > + > + ioret = setvar(>estguid, attr_both, sizeof(AuthVarCreate), AuthVarCreate, &status); > + > + if (ioret == -1) { > + if (status == EFI_INVALID_PARAMETER) { > + fwts_passed(fw, "Test with both authenticated attributes are set passed."); > + > + return FWTS_OK; > + } > + if (status == EFI_OUT_OF_RESOURCES) { > + fwts_uefi_print_status_info(fw, status); > + fwts_skipped(fw, > + "Run out of resources for SetVariable " > + "UEFI runtime interface: cannot test."); > + fwts_advice(fw, > + "Firmware may reclaim some resources " > + "after rebooting. Reboot and test " > + "again may be helpful to continue " > + "the test."); > + return FWTS_SKIP; > + } > + fwts_failed(fw, LOG_LEVEL_MEDIUM, > + "UEFIRuntimeSetVariable", > + "Failed to set variable with UEFI " > + "runtime service."); > + > + fwts_uefi_print_status_info(fw, status); > + return FWTS_ERROR; > + } > + > + fwts_failed(fw, LOG_LEVEL_HIGH, > + "UEFSetAuthVarWithBothAuthAttr", > + "Should not pass setting the authenticated variable " > + "with both authenticated attributes are set."); > + return FWTS_ERROR; > +} > + > + > static fwts_framework_minor_test uefirtauthvar_tests[] = { > { uefirtauthvar_test1, "Create authenticated variable test." }, > { uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." }, > @@ -677,6 +726,7 @@ static fwts_framework_minor_test uefirtauthvar_tests[] = { > { uefirtauthvar_test9, "Authenticated variable test with invalid modified timestamp." }, > { uefirtauthvar_test10, "Authenticated variable test with different guid." }, > { uefirtauthvar_test11, "Authenticated variable test with invalid attributes." }, > + { uefirtauthvar_test12, "Test with both authenticated attributes are set." }, > { NULL, NULL } > }; > Acked-by: Alex Hung <alex.hung@canonical.com>
diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c index 0a811ce..7566a04 100644 --- a/src/uefi/uefirtauthvar/uefirtauthvar.c +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c @@ -665,6 +665,55 @@ static int uefirtauthvar_test11(fwts_framework *fw) return FWTS_ERROR; } +/* + * Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS + * and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware + * should return EFI_INVALID_PARAMETER. + */ +static int uefirtauthvar_test12(fwts_framework *fw) +{ + long ioret; + + uint64_t status; + uint32_t attr_both = attributes | FWTS_UEFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; + + ioret = setvar(>estguid, attr_both, sizeof(AuthVarCreate), AuthVarCreate, &status); + + if (ioret == -1) { + if (status == EFI_INVALID_PARAMETER) { + fwts_passed(fw, "Test with both authenticated attributes are set passed."); + + return FWTS_OK; + } + if (status == EFI_OUT_OF_RESOURCES) { + fwts_uefi_print_status_info(fw, status); + fwts_skipped(fw, + "Run out of resources for SetVariable " + "UEFI runtime interface: cannot test."); + fwts_advice(fw, + "Firmware may reclaim some resources " + "after rebooting. Reboot and test " + "again may be helpful to continue " + "the test."); + return FWTS_SKIP; + } + fwts_failed(fw, LOG_LEVEL_MEDIUM, + "UEFIRuntimeSetVariable", + "Failed to set variable with UEFI " + "runtime service."); + + fwts_uefi_print_status_info(fw, status); + return FWTS_ERROR; + } + + fwts_failed(fw, LOG_LEVEL_HIGH, + "UEFSetAuthVarWithBothAuthAttr", + "Should not pass setting the authenticated variable " + "with both authenticated attributes are set."); + return FWTS_ERROR; +} + + static fwts_framework_minor_test uefirtauthvar_tests[] = { { uefirtauthvar_test1, "Create authenticated variable test." }, { uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." }, @@ -677,6 +726,7 @@ static fwts_framework_minor_test uefirtauthvar_tests[] = { { uefirtauthvar_test9, "Authenticated variable test with invalid modified timestamp." }, { uefirtauthvar_test10, "Authenticated variable test with different guid." }, { uefirtauthvar_test11, "Authenticated variable test with invalid attributes." }, + { uefirtauthvar_test12, "Test with both authenticated attributes are set." }, { NULL, NULL } };
Set the authenticated variable with both EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS and the EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attributes, firmware should return EFI_INVALID_PARAMETER. Signed-off-by: Ivan Hu <ivan.hu@canonical.com> --- src/uefi/uefirtauthvar/uefirtauthvar.c | 50 ++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+)