Acked-by: Michael Kubacki <michael.kuba...@microsoft.com>
Inline code comment below. On 4/12/2023 5:25 PM, Abhimanyu Singh wrote:
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4410 Inside TcgMorLockSmm.c, the SetVariableCheckHandlerMorLock() function contains a scenario to prevent a possible dictionary attack on the MorLock Key in accordance with the TCG Platform Reset Mitigation Spec v1.10. The mechanism to prevent this attack must also change the MorLock Variable Value to 0x01 to indicate Locked Without Key. Cc: Jian J Wang <jian.j.w...@intel.com> Cc: Liming Gao <gaolim...@byosoft.com.cn> Signed-off-by: Abhi Singh <abhi.si...@arm.com> --- MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c index da1105ff073e..a76db18ef877 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c @@ -312,6 +312,10 @@ SetVariableCheckHandlerMorLock ( mMorLockState = MorLockStateLocked; mMorLockKeyEmpty = TRUE; ZeroMem (mMorLockKey, sizeof (mMorLockKey)); + // + // Update value to reflect locked without key + // + SetMorLockVariable (MOR_LOCK_DATA_LOCKED_WITHOUT_KEY);
I know the TCG Reset Attack Mitigation Specification requires EFI_ACCESS_DENIED to be returned from this function in this case but SetMorLockVariable() returns a status code.
I suggest capturing that followed by an ASSERT_EFI_ERROR (Status) to at least help raise visibility of unexpected errors in builds with asserts enabled.
return EFI_ACCESS_DENIED; } }
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#105958): https://edk2.groups.io/g/devel/message/105958 Mute This Topic: https://groups.io/mt/98228898/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-