From patchwork Thu Oct 23 07:25:06 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Hu X-Patchwork-Id: 402395 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id BF8CA140082; Thu, 23 Oct 2014 18:25:16 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1XhCln-00013g-JY; Thu, 23 Oct 2014 07:25:15 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1XhClh-00013W-Pz for fwts-devel@lists.ubuntu.com; Thu, 23 Oct 2014 07:25:09 +0000 Received: from 112-104-139-102.adsl.dynamic.seed.net.tw ([112.104.139.102] helo=canonical.com) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1XhClh-0001Rp-0s; Thu, 23 Oct 2014 07:25:09 +0000 From: Ivan Hu To: fwts-devel@lists.ubuntu.com Subject: [PATCH 03/15][RESEND] uefirtauthvar: add test with setting the same authenticated variable Date: Thu, 23 Oct 2014 15:25:06 +0800 Message-Id: <1414049106-25546-1-git-send-email-ivan.hu@canonical.com> X-Mailer: git-send-email 1.7.9.5 X-BeenThere: fwts-devel@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Firmware Test Suite Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: fwts-devel-bounces@lists.ubuntu.com Sender: fwts-devel-bounces@lists.ubuntu.com Add the test with one existing variable, but set the same authenticated variable, firmware need to check the setting authenticated variable and return EFI_SECURITY_VIOLATION. Signed-off-by: Ivan Hu Acked-by: Colin Ian King Acked-by: Alex Hung --- src/uefi/uefirtauthvar/uefirtauthvar.c | 36 ++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c index 4be4a6f..69460a2 100644 --- a/src/uefi/uefirtauthvar/uefirtauthvar.c +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c @@ -223,8 +223,44 @@ static int uefirtauthvar_test1(fwts_framework *fw) return FWTS_OK; } +/* + * With one existing variable, but set the same authenticated variable, + * AuthVarCreate, expect EFI_SECURITY_VIOLATION returned. + */ +static int uefirtauthvar_test2(fwts_framework *fw) +{ + long ioret; + uint64_t status; + int supcheck; + + ioret = setvar(>estguid, attributes, sizeof(AuthVarCreate), AuthVarCreate, &status); + + if (ioret == -1) { + supcheck = check_fw_support(fw, status); + if (supcheck != FWTS_OK) + return supcheck; + + if (status == EFI_SECURITY_VIOLATION) { + fwts_passed(fw, "Set the same authenticated variable test passed."); + return FWTS_OK; + } + + fwts_failed(fw, LOG_LEVEL_MEDIUM, + "UEFISetSameAuthVar", + "Set authenticated variable fail"); + fwts_uefi_print_status_info(fw, status); + } + + fwts_failed(fw, LOG_LEVEL_HIGH, + "UEFISetSameAuthVar", + "Set authenticated variable expected fail but success"); + + return FWTS_ERROR; +} + static fwts_framework_minor_test uefirtauthvar_tests[] = { { uefirtauthvar_test1, "Create authenticated variable test." }, + { uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." }, { NULL, NULL } };