From 70c7664cd3d2689f2ba9ed6bf0de0fc44501f613 Mon Sep 17 00:00:00 2001
From: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Date: Tue, 28 Jul 2015 07:20:58 +0000
Subject: Add Secure MOR implementation.

Add a new module MemoryOverwriteRequestControlLock to register VarCheck handler to  enforce MorLock Policy.
Only SMM version is added because MOR is only supported in SMM variable case.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Chao Zhang" <chao.b.zhang@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18092 6f19259b-4bc3-4df7-8a09-765794883524
---
 .../MemoryOverwriteRequestControlLock/TcgMorLock.c | 196 +++++++++++++++++++++
 1 file changed, 196 insertions(+)
 create mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c

(limited to 'SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c')

diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c
new file mode 100644
index 0000000000..7ca707915e
--- /dev/null
+++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c
@@ -0,0 +1,196 @@
+/** @file
+  TCG MOR (Memory Overwrite Request) Lock Control Driver.
+
+  This driver initilize MemoryOverwriteRequestControlLock variable.
+  This module will add Variable Hook and allow MemoryOverwriteRequestControlLock variable set only once.
+
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials 
+are licensed and made available under the terms and conditions of the BSD License 
+which accompanies this distribution.  The full text of the license may be found at 
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Guid/MemoryOverwriteControl.h>
+#include <IndustryStandard/MemoryOverwriteRequestControlLock.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include "TcgMorLock.h"
+
+typedef struct {
+  CHAR16                                 *VariableName;
+  EFI_GUID                               *VendorGuid;
+} VARIABLE_TYPE;
+
+VARIABLE_TYPE  mMorVariableType[] = {
+  {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,      &gEfiMemoryOverwriteControlDataGuid},
+  {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,  &gEfiMemoryOverwriteRequestControlLockGuid},
+};
+
+/**
+  Returns if this is MOR related variable.
+
+  @param  VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUE            The variable is MOR related.
+  @retval  FALSE           The variable is NOT MOR related.
+**/
+BOOLEAN
+IsAnyMorVariable (
+  IN CHAR16                                 *VariableName,
+  IN EFI_GUID                               *VendorGuid
+  )
+{
+  UINTN   Index;
+
+  for (Index = 0; Index < sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) {
+    if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) && 
+        (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {
+      return TRUE;
+    }
+  }
+  return FALSE;
+}
+
+/**
+  Returns if this is MOR lock variable.
+
+  @param  VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+
+  @retval  TRUE            The variable is MOR lock variable.
+  @retval  FALSE           The variable is NOT MOR lock variable.
+**/
+BOOLEAN
+IsMorLockVariable (
+  IN CHAR16                                 *VariableName,
+  IN EFI_GUID                               *VendorGuid
+  )
+{
+  if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) && 
+      (CompareGuid (VendorGuid, &gEfiMemoryOverwriteRequestControlLockGuid))) {
+    return TRUE;
+  }
+  return FALSE;
+}
+
+/**
+  This service is a checker handler for the UEFI Runtime Service SetVariable()
+
+  @param  VariableName the name of the vendor's variable, as a
+                       Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+  @param  Attributes   Point to memory location to return the attributes of variable. If the point
+                       is NULL, the parameter would be ignored.
+  @param  DataSize     The size in bytes of Data-Buffer.
+  @param  Data         Point to the content of the variable.
+
+  @retval  EFI_SUCCESS            The firmware has successfully stored the variable and its data as
+                                  defined by the Attributes.
+  @retval  EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the
+                                  DataSize exceeds the maximum allowed.
+  @retval  EFI_INVALID_PARAMETER  VariableName is an empty Unicode string.
+  @retval  EFI_OUT_OF_RESOURCES   Not enough storage is available to hold the variable and its data.
+  @retval  EFI_DEVICE_ERROR       The variable could not be saved due to a hardware failure.
+  @retval  EFI_WRITE_PROTECTED    The variable in question is read-only.
+  @retval  EFI_WRITE_PROTECTED    The variable in question cannot be deleted.
+  @retval  EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS
+                                  set but the AuthInfo does NOT pass the validation check carried
+                                  out by the firmware.
+  @retval  EFI_NOT_FOUND          The variable trying to be updated or deleted was not found.
+
+**/
+EFI_STATUS
+EFIAPI
+SetVariableCheckHandlerMor (
+  IN CHAR16     *VariableName,
+  IN EFI_GUID   *VendorGuid,
+  IN UINT32     Attributes,
+  IN UINTN      DataSize,
+  IN VOID       *Data
+  )
+{
+  UINTN       MorLockDataSize;
+  BOOLEAN     MorLock;
+  EFI_STATUS  Status;
+
+  //
+  // do not handle non-MOR variable
+  //
+  if (!IsAnyMorVariable (VariableName, VendorGuid)) {
+    return EFI_SUCCESS;
+  }
+
+  MorLockDataSize = sizeof(MorLock);
+  Status = InternalGetVariable (
+             MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,
+             &gEfiMemoryOverwriteRequestControlLockGuid,
+             NULL,
+             &MorLockDataSize,
+             &MorLock
+             );
+  if (!EFI_ERROR (Status) && MorLock) {
+    //
+    // If lock, deny access
+    //
+    return EFI_INVALID_PARAMETER;
+  }
+  
+  //
+  // check format
+  //
+  if (IsMorLockVariable(VariableName, VendorGuid)) {
+    //
+    // Delete not OK
+    //
+    if ((DataSize == 0) || (Data == NULL) || (Attributes == 0)) {
+      return EFI_INVALID_PARAMETER;
+    }
+    //
+    // set to any other value not OK
+    //
+    if ((DataSize != sizeof(UINT8)) || ((*(UINT8 *)Data != 1) && (*(UINT8 *)Data != 0))) {
+      return EFI_INVALID_PARAMETER;
+    }
+  }
+  //
+  // Or grant access
+  //
+  return EFI_SUCCESS;
+}
+
+/**
+  Entry Point for MOR Lock Control driver.
+
+  @param[in] ImageHandle  Image handle of this driver.
+  @param[in] SystemTable  A Pointer to the EFI System Table.
+
+  @retval EFI_SUCEESS     
+  @return Others          Some error occurs.
+**/
+EFI_STATUS
+EFIAPI
+MorLockDriverInit (
+  VOID
+  )
+{
+  EFI_STATUS  Status;
+  UINT8       Data;
+
+  Data = 0;
+  Status = InternalSetVariable (
+             MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,
+             &gEfiMemoryOverwriteRequestControlLockGuid,
+             EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+             1,
+             &Data
+             );
+  return Status;
+}
-- 
cgit v1.2.3