From patchwork Wed Oct 22 09:38:48 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ivan Hu X-Patchwork-Id: 401978 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from huckleberry.canonical.com (huckleberry.canonical.com [91.189.94.19]) by ozlabs.org (Postfix) with ESMTP id F360014003E; Wed, 22 Oct 2014 20:39:06 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=huckleberry.canonical.com) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1XgsNl-0007eo-Tu; Wed, 22 Oct 2014 09:39:05 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by huckleberry.canonical.com with esmtp (Exim 4.76) (envelope-from ) id 1XgsNg-0007eM-1D for fwts-devel@lists.ubuntu.com; Wed, 22 Oct 2014 09:39:00 +0000 Received: from [175.41.48.77] (helo=canonical.com) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1XgsNf-0004lG-F1; Wed, 22 Oct 2014 09:39:00 +0000 From: Ivan Hu To: fwts-devel@lists.ubuntu.com Subject: [PATCH 07/15] uefirtauthvar: add setting old authenticated variable test Date: Wed, 22 Oct 2014 17:38:48 +0800 Message-Id: <1413970728-27169-2-git-send-email-ivan.hu@canonical.com> X-Mailer: git-send-email 1.7.9.5 In-Reply-To: <1413970728-27169-1-git-send-email-ivan.hu@canonical.com> References: <1413970728-27169-1-git-send-email-ivan.hu@canonical.com> X-BeenThere: fwts-devel@lists.ubuntu.com X-Mailman-Version: 2.1.14 Precedence: list List-Id: Firmware Test Suite Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: fwts-devel-bounces@lists.ubuntu.com Sender: fwts-devel-bounces@lists.ubuntu.com Set the old data and timestamp authenticated variable, fw need to check the authenticaed information and return EFI_SECURITY_VIOLATION. Signed-off-by: Ivan Hu Acked-by: Colin Ian King Acked-by: Alex Hung --- src/uefi/uefirtauthvar/uefirtauthvar.c | 36 ++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c index 0af2714..0d98f33 100644 --- a/src/uefi/uefirtauthvar/uefirtauthvar.c +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c @@ -429,12 +429,48 @@ static int uefirtauthvar_test5(fwts_framework *fw) return FWTS_OK; } +/* + * After updated, set the old data and timestamp authenticated variable, + * AuthVarCreate, expect EFI_SECURITY_VIOLATION returned. + */ +static int uefirtauthvar_test6(fwts_framework *fw) +{ + long ioret; + uint64_t status; + int supcheck; + + ioret = setvar(>estguid, attributes, sizeof(AuthVarCreate), AuthVarCreate, &status); + + if (ioret == -1) { + supcheck = check_fw_support(fw, status); + if (supcheck != FWTS_OK) + return supcheck; + + if (status == EFI_SECURITY_VIOLATION) { + fwts_passed(fw, "Authenticated variable test with old authenticated variable passed."); + return FWTS_OK; + } + + fwts_failed(fw, LOG_LEVEL_MEDIUM, + "UEFISetOldAuthVar", + "Set authenticated variable fail"); + fwts_uefi_print_status_info(fw, status); + } + + fwts_failed(fw, LOG_LEVEL_HIGH, + "UEFISetOldAuthVar", + "Set authenticated variable expected fail but success"); + + return FWTS_ERROR; +} + static fwts_framework_minor_test uefirtauthvar_tests[] = { { uefirtauthvar_test1, "Create authenticated variable test." }, { uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." }, { uefirtauthvar_test3, "Authenticated variable test with another valid authenticated variable." }, { uefirtauthvar_test4, "Append authenticated variable test." }, { uefirtauthvar_test5, "Update authenticated variable test." }, + { uefirtauthvar_test6, "Authenticated variable test with old authenticated variable." }, { NULL, NULL } };