- NetworkPkg: : Add Unit tests to CI and create Host Test
DSC - NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch - NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests - NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Patch - NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Unit Tests
This commit is contained in:
parent
856f406771
commit
89f15cf352
@ -0,0 +1,169 @@
|
||||
From aa66757951e9880df4e21e191142400480aa3908 Mon Sep 17 00:00:00 2001
|
||||
From: Jon Maloy <jmaloy@redhat.com>
|
||||
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||
Subject: [PATCH 15/17] NetworkPkg: : Add Unit tests to CI and create Host Test
|
||||
DSC
|
||||
|
||||
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||
RH-MergeRequest: 50: CVE-2023-45230 and CVE-2023-45229
|
||||
RH-Jira: RHEL-21840 RHEL-21842
|
||||
RH-Acked-by: Oliver Steffen <osteffen@redhat.com>
|
||||
RH-Commit: [2/4] 6669306e2dbb5aa3e7691d57f4a61685b7cd57b2 (jmaloy/jons_fork)
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-21842
|
||||
CVE: CVE-2023-45230
|
||||
Upstream: Merged
|
||||
|
||||
commit 8014ac2d7bbbc503f5562b51af46bb20ae3d22ff
|
||||
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||
Date: Fri Jan 26 05:54:44 2024 +0800
|
||||
|
||||
NetworkPkg: : Add Unit tests to CI and create Host Test DSC
|
||||
|
||||
Adds Host Based testing to the NetworkPkg
|
||||
|
||||
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||
|
||||
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
|
||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||
---
|
||||
NetworkPkg/NetworkPkg.ci.yaml | 7 +-
|
||||
NetworkPkg/Test/NetworkPkgHostTest.dsc | 98 ++++++++++++++++++++++++++
|
||||
2 files changed, 104 insertions(+), 1 deletion(-)
|
||||
create mode 100644 NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
|
||||
diff --git a/NetworkPkg/NetworkPkg.ci.yaml b/NetworkPkg/NetworkPkg.ci.yaml
|
||||
index 07dc7abd69..076424eb60 100644
|
||||
--- a/NetworkPkg/NetworkPkg.ci.yaml
|
||||
+++ b/NetworkPkg/NetworkPkg.ci.yaml
|
||||
@@ -24,6 +24,9 @@
|
||||
"CompilerPlugin": {
|
||||
"DscPath": "NetworkPkg.dsc"
|
||||
},
|
||||
+ "HostUnitTestCompilerPlugin": {
|
||||
+ "DscPath": "Test/NetworkPkgHostTest.dsc"
|
||||
+ },
|
||||
"CharEncodingCheck": {
|
||||
"IgnoreFiles": []
|
||||
},
|
||||
@@ -35,7 +38,9 @@
|
||||
"CryptoPkg/CryptoPkg.dec"
|
||||
],
|
||||
# For host based unit tests
|
||||
- "AcceptableDependencies-HOST_APPLICATION":[],
|
||||
+ "AcceptableDependencies-HOST_APPLICATION":[
|
||||
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||
+ ],
|
||||
# For UEFI shell based apps
|
||||
"AcceptableDependencies-UEFI_APPLICATION":[
|
||||
"ShellPkg/ShellPkg.dec"
|
||||
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
new file mode 100644
|
||||
index 0000000000..1aeca5c5b3
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
@@ -0,0 +1,98 @@
|
||||
+## @file
|
||||
+# NetworkPkgHostTest DSC file used to build host-based unit tests.
|
||||
+#
|
||||
+# Copyright (c) Microsoft Corporation.<BR>
|
||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+#
|
||||
+##
|
||||
+[Defines]
|
||||
+ PLATFORM_NAME = NetworkPkgHostTest
|
||||
+ PLATFORM_GUID = 3b68324e-fc07-4d49-9520-9347ede65879
|
||||
+ PLATFORM_VERSION = 0.1
|
||||
+ DSC_SPECIFICATION = 0x00010005
|
||||
+ OUTPUT_DIRECTORY = Build/NetworkPkg/HostTest
|
||||
+ SUPPORTED_ARCHITECTURES = IA32|X64|AARCH64
|
||||
+ BUILD_TARGETS = NOOPT
|
||||
+ SKUID_IDENTIFIER = DEFAULT
|
||||
+
|
||||
+!include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
|
||||
+[Packages]
|
||||
+ MdePkg/MdePkg.dec
|
||||
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||
+
|
||||
+[Components]
|
||||
+ #
|
||||
+ # Build HOST_APPLICATION that tests NetworkPkg
|
||||
+ #
|
||||
+
|
||||
+# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||
+[LibraryClasses]
|
||||
+ NetLib|NetworkPkg/Library/DxeNetLib/DxeNetLib.inf
|
||||
+ DebugLib|MdePkg/Library/BaseDebugLibNull/BaseDebugLibNull.inf
|
||||
+ BaseLib|MdePkg/Library/BaseLib/BaseLib.inf
|
||||
+ BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
|
||||
+ DevicePathLib|MdePkg/Library/UefiDevicePathLib/UefiDevicePathLib.inf
|
||||
+ HiiLib|MdeModulePkg/Library/UefiHiiLib/UefiHiiLib.inf
|
||||
+ MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||
+ PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
|
||||
+ PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
|
||||
+ UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf
|
||||
+ UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
|
||||
+ UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf
|
||||
+ UefiLib|MdePkg/Library/UefiLib/UefiLib.inf
|
||||
+ UefiRuntimeServicesTableLib|MdePkg/Library/UefiRuntimeServicesTableLib/UefiRuntimeServicesTableLib.inf
|
||||
+ UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
|
||||
+ UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
|
||||
+ TimerLib|MdePkg/Library/BaseTimerLibNullTemplate/BaseTimerLibNullTemplate.inf
|
||||
+ PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
|
||||
+ PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
|
||||
+ DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
|
||||
+ DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
|
||||
+ SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
|
||||
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||
+ VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
|
||||
+!ifdef CONTINUOUS_INTEGRATION
|
||||
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
|
||||
+ TlsLib|CryptoPkg/Library/TlsLibNull/TlsLibNull.inf
|
||||
+!else
|
||||
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
|
||||
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
|
||||
+ TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
|
||||
+!endif
|
||||
+ DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
|
||||
+ FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
|
||||
+ FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
|
||||
+ SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
|
||||
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
|
||||
+
|
||||
+!if $(TOOL_CHAIN_TAG) == VS2019 or $(TOOL_CHAIN_TAG) == VS2022
|
||||
+[LibraryClasses.X64]
|
||||
+ # Provide StackCookie support lib so that we can link to /GS exports for VS builds
|
||||
+ RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf
|
||||
+!endif
|
||||
+
|
||||
+[LibraryClasses.common.UEFI_DRIVER]
|
||||
+ HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||
+ ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
|
||||
+ DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||
+[LibraryClasses.common.UEFI_APPLICATION]
|
||||
+ DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf
|
||||
+ ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
|
||||
+[LibraryClasses.ARM, LibraryClasses.AARCH64]
|
||||
+ #
|
||||
+ # It is not possible to prevent ARM compiler calls to generic intrinsic functions.
|
||||
+ # This library provides the instrinsic functions generated by a given compiler.
|
||||
+ # [LibraryClasses.ARM] and NULL mean link this library into all ARM images.
|
||||
+ #
|
||||
+!if $(TOOL_CHAIN_TAG) != VS2017 and $(TOOL_CHAIN_TAG) != VS2015 and $(TOOL_CHAIN_TAG) != VS2019
|
||||
+ NULL|ArmPkg/Library/CompilerIntrinsicsLib/CompilerIntrinsicsLib.inf
|
||||
+!endif
|
||||
+ NULL|MdePkg/Library/BaseStackCheckLib/BaseStackCheckLib.inf
|
||||
+[LibraryClasses.ARM]
|
||||
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||
+[LibraryClasses.RISCV64]
|
||||
+ RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
|
||||
+
|
||||
+[PcdsFixedAtBuild]
|
||||
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2
|
||||
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType|0x4
|
||||
--
|
||||
2.41.0
|
||||
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,630 @@
|
||||
From c4b0517aaa38857640b4b08b55803ae8a833c1e7 Mon Sep 17 00:00:00 2001
|
||||
From: Jon Maloy <jmaloy@redhat.com>
|
||||
Date: Thu, 8 Feb 2024 10:35:14 -0500
|
||||
Subject: [PATCH 03/18] NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
|
||||
Unit Tests
|
||||
|
||||
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||
RH-Acked-by: Gerd Hoffmann <None>
|
||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||
RH-Commit: [3/18] 0fe85bcd3683b2424bcd91ad1495d1b79eb07405
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-21843
|
||||
CVE: CVE-2023-45230
|
||||
Upstream: Merged
|
||||
|
||||
commit 5f3658197bf29c83b3349b0ab1d99cdb0c3814bc
|
||||
Author: Doug Flick via groups.io <dougflick=microsoft.com@groups.io>
|
||||
Date: Fri Jan 26 05:54:45 2024 +0800
|
||||
|
||||
NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Unit Tests
|
||||
|
||||
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4535
|
||||
|
||||
Confirms that reported issue...
|
||||
|
||||
"Buffer overflow in the DHCPv6 client via a long Server ID option"
|
||||
|
||||
..has been corrected by the provided patch.
|
||||
|
||||
Tests the following functions to ensure they appropriately handle
|
||||
untrusted data (either too long or too small) to prevent a buffer
|
||||
overflow:
|
||||
|
||||
Dhcp6AppendOption
|
||||
Dhcp6AppendETOption
|
||||
Dhcp6AppendIaOption
|
||||
|
||||
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||
|
||||
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
|
||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||
---
|
||||
.../GoogleTest/Dhcp6DxeGoogleTest.cpp | 20 +
|
||||
.../GoogleTest/Dhcp6DxeGoogleTest.inf | 43 ++
|
||||
.../Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp | 478 ++++++++++++++++++
|
||||
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||
4 files changed, 542 insertions(+)
|
||||
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||
create mode 100644 NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||
|
||||
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||
new file mode 100644
|
||||
index 0000000000..9aeced2f91
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.cpp
|
||||
@@ -0,0 +1,20 @@
|
||||
+/** @file
|
||||
+ Acts as the main entry point for the tests for the Dhcp6Dxe module.
|
||||
+
|
||||
+ Copyright (c) Microsoft Corporation
|
||||
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+**/
|
||||
+#include <gtest/gtest.h>
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////////////
|
||||
+// Run the tests
|
||||
+////////////////////////////////////////////////////////////////////////////////
|
||||
+int
|
||||
+main (
|
||||
+ int argc,
|
||||
+ char *argv[]
|
||||
+ )
|
||||
+{
|
||||
+ testing::InitGoogleTest (&argc, argv);
|
||||
+ return RUN_ALL_TESTS ();
|
||||
+}
|
||||
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||
new file mode 100644
|
||||
index 0000000000..8e9119a371
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||
@@ -0,0 +1,43 @@
|
||||
+## @file
|
||||
+# Unit test suite for the Dhcp6Dxe using Google Test
|
||||
+#
|
||||
+# Copyright (c) Microsoft Corporation.<BR>
|
||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+##
|
||||
+[Defines]
|
||||
+ INF_VERSION = 0x00010017
|
||||
+ BASE_NAME = Dhcp6DxeGoogleTest
|
||||
+ FILE_GUID = 1D2A4C65-38C8-4C2F-BB60-B5FA49625AA9
|
||||
+ VERSION_STRING = 1.0
|
||||
+ MODULE_TYPE = HOST_APPLICATION
|
||||
+#
|
||||
+# The following information is for reference only and not required by the build tools.
|
||||
+#
|
||||
+# VALID_ARCHITECTURES = IA32 X64 AARCH64
|
||||
+#
|
||||
+[Sources]
|
||||
+ Dhcp6DxeGoogleTest.cpp
|
||||
+ Dhcp6IoGoogleTest.cpp
|
||||
+ ../Dhcp6Io.c
|
||||
+ ../Dhcp6Utility.c
|
||||
+
|
||||
+[Packages]
|
||||
+ MdePkg/MdePkg.dec
|
||||
+ MdeModulePkg/MdeModulePkg.dec
|
||||
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||
+ NetworkPkg/NetworkPkg.dec
|
||||
+
|
||||
+[LibraryClasses]
|
||||
+ GoogleTestLib
|
||||
+ DebugLib
|
||||
+ NetLib
|
||||
+ PcdLib
|
||||
+
|
||||
+[Protocols]
|
||||
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||
+
|
||||
+[Pcd]
|
||||
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||
+
|
||||
+[Guids]
|
||||
+ gZeroGuid
|
||||
diff --git a/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||
new file mode 100644
|
||||
index 0000000000..7ee40e4af4
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6IoGoogleTest.cpp
|
||||
@@ -0,0 +1,478 @@
|
||||
+/** @file
|
||||
+ Tests for Dhcp6Io.c.
|
||||
+
|
||||
+ Copyright (c) Microsoft Corporation
|
||||
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+**/
|
||||
+#include <gtest/gtest.h>
|
||||
+
|
||||
+extern "C" {
|
||||
+ #include <Uefi.h>
|
||||
+ #include <Library/BaseLib.h>
|
||||
+ #include <Library/DebugLib.h>
|
||||
+ #include <Library/BaseMemoryLib.h>
|
||||
+ #include "../Dhcp6Impl.h"
|
||||
+ #include "../Dhcp6Utility.h"
|
||||
+}
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+// Defines
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+#define DHCP6_PACKET_MAX_LEN 1500
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+// Symbol Definitions
|
||||
+// These functions are not directly under test - but required to compile
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+// This definition is used by this test but is also required to compile
|
||||
+// by Dhcp6Io.c
|
||||
+EFI_IPv6_ADDRESS mAllDhcpRelayAndServersAddress = {
|
||||
+ { 0xFF, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 2 }
|
||||
+};
|
||||
+
|
||||
+EFI_STATUS
|
||||
+EFIAPI
|
||||
+UdpIoSendDatagram (
|
||||
+ IN UDP_IO *UdpIo,
|
||||
+ IN NET_BUF *Packet,
|
||||
+ IN UDP_END_POINT *EndPoint OPTIONAL,
|
||||
+ IN EFI_IP_ADDRESS *Gateway OPTIONAL,
|
||||
+ IN UDP_IO_CALLBACK CallBack,
|
||||
+ IN VOID *Context
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+EFI_STATUS
|
||||
+EFIAPI
|
||||
+UdpIoRecvDatagram (
|
||||
+ IN UDP_IO *UdpIo,
|
||||
+ IN UDP_IO_CALLBACK CallBack,
|
||||
+ IN VOID *Context,
|
||||
+ IN UINT32 HeadLen
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+// Dhcp6AppendOptionTest Tests
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+class Dhcp6AppendOptionTest : public ::testing::Test {
|
||||
+public:
|
||||
+ UINT8 *Buffer = NULL;
|
||||
+ EFI_DHCP6_PACKET *Packet;
|
||||
+
|
||||
+protected:
|
||||
+ // Add any setup code if needed
|
||||
+ virtual void
|
||||
+ SetUp (
|
||||
+ )
|
||||
+ {
|
||||
+ // Initialize any resources or variables
|
||||
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||
+
|
||||
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||
+ }
|
||||
+
|
||||
+ // Add any cleanup code if needed
|
||||
+ virtual void
|
||||
+ TearDown (
|
||||
+ )
|
||||
+ {
|
||||
+ // Clean up any resources or variables
|
||||
+ if (Buffer != NULL) {
|
||||
+ FreePool (Buffer);
|
||||
+ }
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||
+TEST_F (Dhcp6AppendOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||
+ EFI_STATUS Status;
|
||||
+
|
||||
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||
+
|
||||
+ UntrustedDuid->Length = NTOHS (0xFFFF);
|
||||
+
|
||||
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Status = Dhcp6AppendOption (
|
||||
+ Dhcp6AppendOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ HTONS (Dhcp6OptServerId),
|
||||
+ UntrustedDuid->Length,
|
||||
+ UntrustedDuid->Duid
|
||||
+ );
|
||||
+
|
||||
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||
+}
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that is large enough
|
||||
+TEST_F (Dhcp6AppendOptionTest, ValidDataExpectSuccess) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_DHCP6_DUID *UntrustedDuid;
|
||||
+ EFI_STATUS Status;
|
||||
+ UINTN OriginalLength;
|
||||
+
|
||||
+ UINT8 Duid[6] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 };
|
||||
+
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+ OriginalLength = Packet->Length;
|
||||
+
|
||||
+ UntrustedDuid = (EFI_DHCP6_DUID *)AllocateZeroPool (sizeof (EFI_DHCP6_DUID));
|
||||
+ ASSERT_NE (UntrustedDuid, (EFI_DHCP6_DUID *)NULL);
|
||||
+
|
||||
+ UntrustedDuid->Length = NTOHS (sizeof (Duid));
|
||||
+ CopyMem (UntrustedDuid->Duid, Duid, sizeof (Duid));
|
||||
+
|
||||
+ Cursor = Dhcp6AppendOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Status = Dhcp6AppendOption (
|
||||
+ Dhcp6AppendOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ HTONS (Dhcp6OptServerId),
|
||||
+ UntrustedDuid->Length,
|
||||
+ UntrustedDuid->Duid
|
||||
+ );
|
||||
+
|
||||
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||
+
|
||||
+ // verify that the pointer to cursor moved by the expected amount
|
||||
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendOptionTest::Packet->Dhcp6.Option + sizeof (Duid) + 4);
|
||||
+
|
||||
+ // verify that the length of the packet is now the expected amount
|
||||
+ ASSERT_EQ (Dhcp6AppendOptionTest::Packet->Length, OriginalLength + sizeof (Duid) + 4);
|
||||
+}
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+// Dhcp6AppendETOption Tests
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+class Dhcp6AppendETOptionTest : public ::testing::Test {
|
||||
+public:
|
||||
+ UINT8 *Buffer = NULL;
|
||||
+ EFI_DHCP6_PACKET *Packet;
|
||||
+
|
||||
+protected:
|
||||
+ // Add any setup code if needed
|
||||
+ virtual void
|
||||
+ SetUp (
|
||||
+ )
|
||||
+ {
|
||||
+ // Initialize any resources or variables
|
||||
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||
+
|
||||
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+ }
|
||||
+
|
||||
+ // Add any cleanup code if needed
|
||||
+ virtual void
|
||||
+ TearDown (
|
||||
+ )
|
||||
+ {
|
||||
+ // Clean up any resources or variables
|
||||
+ if (Buffer != NULL) {
|
||||
+ FreePool (Buffer);
|
||||
+ }
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that is too small by a duid that is too large
|
||||
+TEST_F (Dhcp6AppendETOptionTest, InvalidDataExpectBufferTooSmall) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+ DHCP6_INSTANCE Instance;
|
||||
+ UINT16 ElapsedTimeVal;
|
||||
+ UINT16 *ElapsedTime;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||
+ ElapsedTime = &ElapsedTimeVal;
|
||||
+
|
||||
+ Packet->Length = Packet->Size - 2;
|
||||
+
|
||||
+ Status = Dhcp6AppendETOption (
|
||||
+ Dhcp6AppendETOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ &Instance, // Instance is not used in this function
|
||||
+ &ElapsedTime
|
||||
+ );
|
||||
+
|
||||
+ // verify that we error out because the packet is too small for the option header
|
||||
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||
+
|
||||
+ // reset the length
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+}
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that is large enough
|
||||
+TEST_F (Dhcp6AppendETOptionTest, ValidDataExpectSuccess) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+ DHCP6_INSTANCE Instance;
|
||||
+ UINT16 ElapsedTimeVal;
|
||||
+ UINT16 *ElapsedTime;
|
||||
+ UINTN ExpectedSize;
|
||||
+ UINTN OriginalLength;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendETOptionTest::Packet->Dhcp6.Option;
|
||||
+ ElapsedTime = &ElapsedTimeVal;
|
||||
+ ExpectedSize = 6;
|
||||
+ OriginalLength = Packet->Length;
|
||||
+
|
||||
+ Status = Dhcp6AppendETOption (
|
||||
+ Dhcp6AppendETOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ &Instance, // Instance is not used in this function
|
||||
+ &ElapsedTime
|
||||
+ );
|
||||
+
|
||||
+ // verify that the status is EFI_SUCCESS
|
||||
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||
+
|
||||
+ // verify that the pointer to cursor moved by the expected amount
|
||||
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendETOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||
+
|
||||
+ // verify that the length of the packet is now the expected amount
|
||||
+ ASSERT_EQ (Dhcp6AppendETOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||
+}
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+// Dhcp6AppendIaOption Tests
|
||||
+////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+class Dhcp6AppendIaOptionTest : public ::testing::Test {
|
||||
+public:
|
||||
+ UINT8 *Buffer = NULL;
|
||||
+ EFI_DHCP6_PACKET *Packet;
|
||||
+ EFI_DHCP6_IA *Ia;
|
||||
+
|
||||
+protected:
|
||||
+ // Add any setup code if needed
|
||||
+ virtual void
|
||||
+ SetUp (
|
||||
+ )
|
||||
+ {
|
||||
+ // Initialize any resources or variables
|
||||
+ Buffer = (UINT8 *)AllocateZeroPool (DHCP6_PACKET_MAX_LEN);
|
||||
+ ASSERT_NE (Buffer, (UINT8 *)NULL);
|
||||
+
|
||||
+ Packet = (EFI_DHCP6_PACKET *)Buffer;
|
||||
+ Packet->Size = DHCP6_PACKET_MAX_LEN;
|
||||
+
|
||||
+ Ia = (EFI_DHCP6_IA *)AllocateZeroPool (sizeof (EFI_DHCP6_IA) + sizeof (EFI_DHCP6_IA_ADDRESS) * 2);
|
||||
+ ASSERT_NE (Ia, (EFI_DHCP6_IA *)NULL);
|
||||
+
|
||||
+ CopyMem (Ia->IaAddress, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||
+ CopyMem (Ia->IaAddress + 1, mAllDhcpRelayAndServersAddress.Addr, sizeof (EFI_IPv6_ADDRESS));
|
||||
+
|
||||
+ Ia->IaAddressCount = 2;
|
||||
+ }
|
||||
+
|
||||
+ // Add any cleanup code if needed
|
||||
+ virtual void
|
||||
+ TearDown (
|
||||
+ )
|
||||
+ {
|
||||
+ // Clean up any resources or variables
|
||||
+ if (Buffer != NULL) {
|
||||
+ FreePool (Buffer);
|
||||
+ }
|
||||
+
|
||||
+ if (Ia != NULL) {
|
||||
+ FreePool (Ia);
|
||||
+ }
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that doesn't have enough space
|
||||
+// for the option header
|
||||
+TEST_F (Dhcp6AppendIaOptionTest, IaNaInvalidDataExpectBufferTooSmall) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+
|
||||
+ Packet->Length = Packet->Size - 2;
|
||||
+
|
||||
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||
+ Ia->Descriptor.IaId = 0x12345678;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Status = Dhcp6AppendIaOption (
|
||||
+ Dhcp6AppendIaOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ Ia,
|
||||
+ 0x12345678,
|
||||
+ 0x11111111,
|
||||
+ Dhcp6OptIana
|
||||
+ );
|
||||
+
|
||||
+ // verify that we error out because the packet is too small for the option header
|
||||
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||
+
|
||||
+ // reset the length
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+}
|
||||
+
|
||||
+// Test Description:
|
||||
+// Attempt to append an option to a packet that doesn't have enough space
|
||||
+// for the option header
|
||||
+TEST_F (Dhcp6AppendIaOptionTest, IaTaInvalidDataExpectBufferTooSmall) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+
|
||||
+ // Use up nearly all the space in the packet
|
||||
+ Packet->Length = Packet->Size - 2;
|
||||
+
|
||||
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||
+ Ia->Descriptor.IaId = 0x12345678;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Status = Dhcp6AppendIaOption (
|
||||
+ Dhcp6AppendIaOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ Ia,
|
||||
+ 0,
|
||||
+ 0,
|
||||
+ Dhcp6OptIata
|
||||
+ );
|
||||
+
|
||||
+ // verify that we error out because the packet is too small for the option header
|
||||
+ ASSERT_EQ (Status, EFI_BUFFER_TOO_SMALL);
|
||||
+
|
||||
+ // reset the length
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+}
|
||||
+
|
||||
+TEST_F (Dhcp6AppendIaOptionTest, IaNaValidDataExpectSuccess) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+ UINTN ExpectedSize;
|
||||
+ UINTN OriginalLength;
|
||||
+
|
||||
+ //
|
||||
+ // 2 bytes for the option header type
|
||||
+ //
|
||||
+ ExpectedSize = 2;
|
||||
+ //
|
||||
+ // 2 bytes for the option header length
|
||||
+ //
|
||||
+ ExpectedSize += 2;
|
||||
+ //
|
||||
+ // 4 bytes for the IAID
|
||||
+ //
|
||||
+ ExpectedSize += 4;
|
||||
+ //
|
||||
+ // + 4 bytes for the T1
|
||||
+ //
|
||||
+ ExpectedSize += 4;
|
||||
+ //
|
||||
+ // + 4 bytes for the T2
|
||||
+ //
|
||||
+ ExpectedSize += 4;
|
||||
+ //
|
||||
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||
+ // + 2 bytes for the option header type
|
||||
+ // + 2 bytes for the option header length
|
||||
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||
+ //
|
||||
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+ OriginalLength = Packet->Length;
|
||||
+
|
||||
+ Ia->Descriptor.Type = Dhcp6OptIana;
|
||||
+ Ia->Descriptor.IaId = 0x12345678;
|
||||
+
|
||||
+ Status = Dhcp6AppendIaOption (
|
||||
+ Dhcp6AppendIaOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ Ia,
|
||||
+ 0x12345678,
|
||||
+ 0x12345678,
|
||||
+ Dhcp6OptIana
|
||||
+ );
|
||||
+
|
||||
+ // verify that the pointer to cursor moved by the expected amount
|
||||
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||
+
|
||||
+ // verify that the length of the packet is now the expected amount
|
||||
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||
+
|
||||
+ // verify that the status is EFI_SUCCESS
|
||||
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||
+}
|
||||
+
|
||||
+TEST_F (Dhcp6AppendIaOptionTest, IaTaValidDataExpectSuccess) {
|
||||
+ UINT8 *Cursor;
|
||||
+ EFI_STATUS Status;
|
||||
+ UINTN ExpectedSize;
|
||||
+ UINTN OriginalLength;
|
||||
+
|
||||
+ //
|
||||
+ // 2 bytes for the option header type
|
||||
+ //
|
||||
+ ExpectedSize = 2;
|
||||
+ //
|
||||
+ // 2 bytes for the option header length
|
||||
+ //
|
||||
+ ExpectedSize += 2;
|
||||
+ //
|
||||
+ // 4 bytes for the IAID
|
||||
+ //
|
||||
+ ExpectedSize += 4;
|
||||
+ //
|
||||
+ // + (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||
+ // + 2 bytes for the option header type
|
||||
+ // + 2 bytes for the option header length
|
||||
+ // + sizeof (EFI_DHCP6_IA_ADDRESS) for the IA Address
|
||||
+ //
|
||||
+ ExpectedSize += (4 + sizeof (EFI_DHCP6_IA_ADDRESS)) * 2;
|
||||
+
|
||||
+ Cursor = Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option;
|
||||
+
|
||||
+ Packet->Length = sizeof (EFI_DHCP6_HEADER);
|
||||
+ OriginalLength = Packet->Length;
|
||||
+
|
||||
+ Ia->Descriptor.Type = Dhcp6OptIata;
|
||||
+ Ia->Descriptor.IaId = 0x12345678;
|
||||
+
|
||||
+ Status = Dhcp6AppendIaOption (
|
||||
+ Dhcp6AppendIaOptionTest::Packet,
|
||||
+ &Cursor,
|
||||
+ Ia,
|
||||
+ 0,
|
||||
+ 0,
|
||||
+ Dhcp6OptIata
|
||||
+ );
|
||||
+
|
||||
+ // verify that the pointer to cursor moved by the expected amount
|
||||
+ ASSERT_EQ (Cursor, (UINT8 *)Dhcp6AppendIaOptionTest::Packet->Dhcp6.Option + ExpectedSize);
|
||||
+
|
||||
+ // verify that the length of the packet is now the expected amount
|
||||
+ ASSERT_EQ (Dhcp6AppendIaOptionTest::Packet->Length, OriginalLength + ExpectedSize);
|
||||
+
|
||||
+ // verify that the status is EFI_SUCCESS
|
||||
+ ASSERT_EQ (Status, EFI_SUCCESS);
|
||||
+}
|
||||
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
index 1aeca5c5b3..20bc90b172 100644
|
||||
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
@@ -24,6 +24,7 @@
|
||||
#
|
||||
# Build HOST_APPLICATION that tests NetworkPkg
|
||||
#
|
||||
+ NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||
|
||||
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||
[LibraryClasses]
|
||||
--
|
||||
2.39.3
|
||||
|
@ -0,0 +1,168 @@
|
||||
From 1afdf854f67fbaeea47f15efa0c34c0f1fe6a504 Mon Sep 17 00:00:00 2001
|
||||
From: Jon Maloy <jmaloy@redhat.com>
|
||||
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||
Subject: [PATCH 10/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||
Patch
|
||||
|
||||
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||
RH-Acked-by: Gerd Hoffmann <None>
|
||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||
RH-Commit: [10/18] c7527c63ebe3afb55a2ef78103c1a57de26c36b7
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-21851
|
||||
CVE: CVE-2022-45234
|
||||
Upstream: Merged
|
||||
|
||||
commit 1b53515d53d303166b2bbd31e2cc7f16fd0aecd7
|
||||
Author: Doug Flick <dougflick@microsoft.com>
|
||||
Date: Fri Jan 26 05:54:52 2024 +0800
|
||||
|
||||
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Patch
|
||||
|
||||
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||
|
||||
Bug Details:
|
||||
PixieFail Bug #6
|
||||
CVE-2023-45234
|
||||
CVSS 8.3 : CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:H
|
||||
CWE-119 Improper Restriction of Operations within the Bounds of
|
||||
a Memory Buffer
|
||||
|
||||
Buffer overflow when processing DNS Servers option in a DHCPv6
|
||||
Advertise message
|
||||
|
||||
Change Overview:
|
||||
|
||||
Introduces a function to cache the Dns Server and perform sanitizing
|
||||
on the incoming DnsServerLen to ensure that the length is valid
|
||||
|
||||
> + EFI_STATUS
|
||||
> + PxeBcCacheDnsServerAddresses (
|
||||
> + IN PXEBC_PRIVATE_DATA *Private,
|
||||
> + IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||
> + )
|
||||
|
||||
Additional code cleanup
|
||||
|
||||
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||
|
||||
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
|
||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||
---
|
||||
NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c | 71 +++++++++++++++++++++++++---
|
||||
1 file changed, 65 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||
index 425e0cf806..2b2d372889 100644
|
||||
--- a/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||
+++ b/NetworkPkg/UefiPxeBcDxe/PxeBcDhcp6.c
|
||||
@@ -3,6 +3,7 @@
|
||||
|
||||
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
|
||||
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||
+ Copyright (c) Microsoft Corporation
|
||||
|
||||
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
|
||||
@@ -1312,6 +1313,65 @@ PxeBcSelectDhcp6Offer (
|
||||
}
|
||||
}
|
||||
|
||||
+/**
|
||||
+ Cache the DHCPv6 DNS Server addresses
|
||||
+
|
||||
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||
+
|
||||
+ @retval EFI_SUCCESS Cache the DHCPv6 DNS Server address successfully.
|
||||
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||
+ @retval EFI_DEVICE_ERROR The DNS Server Address Length provided by a untrusted
|
||||
+ option is not a multiple of 16 bytes (sizeof (EFI_IPv6_ADDRESS)).
|
||||
+**/
|
||||
+EFI_STATUS
|
||||
+PxeBcCacheDnsServerAddresses (
|
||||
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||
+ )
|
||||
+{
|
||||
+ UINT16 DnsServerLen;
|
||||
+
|
||||
+ DnsServerLen = NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen);
|
||||
+ //
|
||||
+ // Make sure that the number is nonzero
|
||||
+ //
|
||||
+ if (DnsServerLen == 0) {
|
||||
+ return EFI_DEVICE_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ //
|
||||
+ // Make sure the DnsServerlen is a multiple of EFI_IPv6_ADDRESS (16)
|
||||
+ //
|
||||
+ if (DnsServerLen % sizeof (EFI_IPv6_ADDRESS) != 0) {
|
||||
+ return EFI_DEVICE_ERROR;
|
||||
+ }
|
||||
+
|
||||
+ //
|
||||
+ // This code is currently written to only support a single DNS Server instead
|
||||
+ // of multiple such as is spec defined (RFC3646, Section 3). The proper behavior
|
||||
+ // would be to allocate the full space requested, CopyMem all of the data,
|
||||
+ // and then add a DnsServerCount field to Private and update additional code
|
||||
+ // that depends on this.
|
||||
+ //
|
||||
+ // To support multiple DNS servers the `AllocationSize` would need to be changed to DnsServerLen
|
||||
+ //
|
||||
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||
+ //
|
||||
+ Private->DnsServer = AllocateZeroPool (sizeof (EFI_IPv6_ADDRESS));
|
||||
+ if (Private->DnsServer == NULL) {
|
||||
+ return EFI_OUT_OF_RESOURCES;
|
||||
+ }
|
||||
+
|
||||
+ //
|
||||
+ // Intentionally only copy over the first server address.
|
||||
+ // To support multiple DNS servers, the `Length` would need to be changed to DnsServerLen
|
||||
+ //
|
||||
+ CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||
+
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
/**
|
||||
Handle the DHCPv6 offer packet.
|
||||
|
||||
@@ -1335,6 +1395,7 @@ PxeBcHandleDhcp6Offer (
|
||||
UINT32 SelectIndex;
|
||||
UINT32 Index;
|
||||
|
||||
+ ASSERT (Private != NULL);
|
||||
ASSERT (Private->SelectIndex > 0);
|
||||
SelectIndex = (UINT32)(Private->SelectIndex - 1);
|
||||
ASSERT (SelectIndex < PXEBC_OFFER_MAX_NUM);
|
||||
@@ -1342,15 +1403,13 @@ PxeBcHandleDhcp6Offer (
|
||||
Status = EFI_SUCCESS;
|
||||
|
||||
//
|
||||
- // First try to cache DNS server address if DHCP6 offer provides.
|
||||
+ // First try to cache DNS server addresses if DHCP6 offer provides.
|
||||
//
|
||||
if (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] != NULL) {
|
||||
- Private->DnsServer = AllocateZeroPool (NTOHS (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen));
|
||||
- if (Private->DnsServer == NULL) {
|
||||
- return EFI_OUT_OF_RESOURCES;
|
||||
+ Status = PxeBcCacheDnsServerAddresses (Private, Cache6);
|
||||
+ if (EFI_ERROR (Status)) {
|
||||
+ return Status;
|
||||
}
|
||||
-
|
||||
- CopyMem (Private->DnsServer, Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, sizeof (EFI_IPv6_ADDRESS));
|
||||
}
|
||||
|
||||
if (Cache6->OfferType == PxeOfferTypeDhcpBinl) {
|
||||
--
|
||||
2.39.3
|
||||
|
@ -0,0 +1,511 @@
|
||||
From d60257df151a6c58aefe74c2d2baee59344318d2 Mon Sep 17 00:00:00 2001
|
||||
From: Jon Maloy <jmaloy@redhat.com>
|
||||
Date: Fri, 16 Feb 2024 10:48:05 -0500
|
||||
Subject: [PATCH 11/18] NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||
Unit Tests
|
||||
|
||||
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
||||
RH-MergeRequest: 54: NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230 Patch
|
||||
RH-Jira: RHEL-21841 RHEL-21843 RHEL-21845 RHEL-21847 RHEL-21849 RHEL-21851 RHEL-21853
|
||||
RH-Acked-by: Gerd Hoffmann <None>
|
||||
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
||||
RH-Commit: [11/18] b917383d597172d4bf75548d9b281d08bf34e299
|
||||
|
||||
JIRA: https://issues.redhat.com/browse/RHEL-21851
|
||||
CVE: CVE-2022-45234
|
||||
Upstream: Merged
|
||||
|
||||
commit 458c582685fc0e8057d2511c5a0394078d988c17
|
||||
Author: Doug Flick <dougflick@microsoft.com>
|
||||
Date: Fri Jan 26 05:54:53 2024 +0800
|
||||
|
||||
NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234 Unit Tests
|
||||
|
||||
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4539
|
||||
|
||||
Unit tests to that the bug..
|
||||
|
||||
Buffer overflow when processing DNS Servers option in a DHCPv6 Advertise
|
||||
message
|
||||
|
||||
..has been patched
|
||||
|
||||
This contains tests for the following functions:
|
||||
PxeBcHandleDhcp6Offer
|
||||
PxeBcCacheDnsServerAddresses
|
||||
|
||||
Cc: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
Cc: Zachary Clark-williams <zachary.clark-williams@intel.com>
|
||||
|
||||
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
||||
Reviewed-by: Saloni Kasbekar <saloni.kasbekar@intel.com>
|
||||
|
||||
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
||||
---
|
||||
NetworkPkg/Test/NetworkPkgHostTest.dsc | 1 +
|
||||
.../GoogleTest/PxeBcDhcp6GoogleTest.cpp | 300 ++++++++++++++++++
|
||||
.../GoogleTest/PxeBcDhcp6GoogleTest.h | 50 +++
|
||||
.../GoogleTest/UefiPxeBcDxeGoogleTest.cpp | 19 ++
|
||||
.../GoogleTest/UefiPxeBcDxeGoogleTest.inf | 48 +++
|
||||
5 files changed, 418 insertions(+)
|
||||
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||
create mode 100644 NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||
|
||||
diff --git a/NetworkPkg/Test/NetworkPkgHostTest.dsc b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
index 7fa7b0f9d5..a0273c4310 100644
|
||||
--- a/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
+++ b/NetworkPkg/Test/NetworkPkgHostTest.dsc
|
||||
@@ -25,6 +25,8 @@
|
||||
# Build HOST_APPLICATION that tests NetworkPkg
|
||||
#
|
||||
NetworkPkg/Dhcp6Dxe/GoogleTest/Dhcp6DxeGoogleTest.inf
|
||||
+ NetworkPkg/Ip6Dxe/GoogleTest/Ip6DxeGoogleTest.inf
|
||||
+ NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||
|
||||
# Despite these library classes being listed in [LibraryClasses] below, they are not needed for the host-based unit tests.
|
||||
[LibraryClasses]
|
||||
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||
new file mode 100644
|
||||
index 0000000000..8260eeee50
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.cpp
|
||||
@@ -0,0 +1,300 @@
|
||||
+/** @file
|
||||
+ Host based unit test for PxeBcDhcp6.c.
|
||||
+
|
||||
+ Copyright (c) Microsoft Corporation
|
||||
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+**/
|
||||
+#include <gtest/gtest.h>
|
||||
+
|
||||
+extern "C" {
|
||||
+ #include <Uefi.h>
|
||||
+ #include <Library/BaseLib.h>
|
||||
+ #include <Library/DebugLib.h>
|
||||
+ #include "../PxeBcImpl.h"
|
||||
+ #include "../PxeBcDhcp6.h"
|
||||
+ #include "PxeBcDhcp6GoogleTest.h"
|
||||
+}
|
||||
+
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+// Definitions
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+#define PACKET_SIZE (1500)
|
||||
+
|
||||
+typedef struct {
|
||||
+ UINT16 OptionCode; // The option code for DHCP6_OPT_SERVER_ID (e.g., 0x03)
|
||||
+ UINT16 OptionLen; // The length of the option (e.g., 16 bytes)
|
||||
+ UINT8 ServerId[16]; // The 16-byte DHCPv6 Server Identifier
|
||||
+} DHCP6_OPTION_SERVER_ID;
|
||||
+
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+/// Symbol Definitions
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+EFI_STATUS
|
||||
+MockUdpWrite (
|
||||
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||
+ IN UINT16 OpFlags,
|
||||
+ IN EFI_IP_ADDRESS *DestIp,
|
||||
+ IN EFI_PXE_BASE_CODE_UDP_PORT *DestPort,
|
||||
+ IN EFI_IP_ADDRESS *GatewayIp OPTIONAL,
|
||||
+ IN EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||
+ IN UINTN *HeaderSize OPTIONAL,
|
||||
+ IN VOID *HeaderPtr OPTIONAL,
|
||||
+ IN UINTN *BufferSize,
|
||||
+ IN VOID *BufferPtr
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+EFI_STATUS
|
||||
+MockUdpRead (
|
||||
+ IN EFI_PXE_BASE_CODE_PROTOCOL *This,
|
||||
+ IN UINT16 OpFlags,
|
||||
+ IN OUT EFI_IP_ADDRESS *DestIp OPTIONAL,
|
||||
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *DestPort OPTIONAL,
|
||||
+ IN OUT EFI_IP_ADDRESS *SrcIp OPTIONAL,
|
||||
+ IN OUT EFI_PXE_BASE_CODE_UDP_PORT *SrcPort OPTIONAL,
|
||||
+ IN UINTN *HeaderSize OPTIONAL,
|
||||
+ IN VOID *HeaderPtr OPTIONAL,
|
||||
+ IN OUT UINTN *BufferSize,
|
||||
+ IN VOID *BufferPtr
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+EFI_STATUS
|
||||
+MockConfigure (
|
||||
+ IN EFI_UDP6_PROTOCOL *This,
|
||||
+ IN EFI_UDP6_CONFIG_DATA *UdpConfigData OPTIONAL
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+// Needed by PxeBcSupport
|
||||
+EFI_STATUS
|
||||
+EFIAPI
|
||||
+QueueDpc (
|
||||
+ IN EFI_TPL DpcTpl,
|
||||
+ IN EFI_DPC_PROCEDURE DpcProcedure,
|
||||
+ IN VOID *DpcContext OPTIONAL
|
||||
+ )
|
||||
+{
|
||||
+ return EFI_SUCCESS;
|
||||
+}
|
||||
+
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+// PxeBcHandleDhcp6OfferTest Tests
|
||||
+///////////////////////////////////////////////////////////////////////////////
|
||||
+
|
||||
+class PxeBcHandleDhcp6OfferTest : public ::testing::Test {
|
||||
+public:
|
||||
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||
+ EFI_UDP6_PROTOCOL Udp6Read;
|
||||
+ EFI_PXE_BASE_CODE_MODE Mode = { 0 };
|
||||
+
|
||||
+protected:
|
||||
+ // Add any setup code if needed
|
||||
+ virtual void
|
||||
+ SetUp (
|
||||
+ )
|
||||
+ {
|
||||
+ Private.Dhcp6Request = (EFI_DHCP6_PACKET *)AllocateZeroPool (PACKET_SIZE);
|
||||
+
|
||||
+ // Need to setup the EFI_PXE_BASE_CODE_PROTOCOL
|
||||
+ // The function under test really only needs the following:
|
||||
+ // UdpWrite
|
||||
+ // UdpRead
|
||||
+
|
||||
+ Private.PxeBc.UdpWrite = (EFI_PXE_BASE_CODE_UDP_WRITE)MockUdpWrite;
|
||||
+ Private.PxeBc.UdpRead = (EFI_PXE_BASE_CODE_UDP_READ)MockUdpRead;
|
||||
+
|
||||
+ // Need to setup EFI_UDP6_PROTOCOL
|
||||
+ // The function under test really only needs the following:
|
||||
+ // Configure
|
||||
+
|
||||
+ Udp6Read.Configure = (EFI_UDP6_CONFIGURE)MockConfigure;
|
||||
+ Private.Udp6Read = &Udp6Read;
|
||||
+
|
||||
+ // Need to setup the EFI_PXE_BASE_CODE_MODE
|
||||
+ Private.PxeBc.Mode = &Mode;
|
||||
+
|
||||
+ // for this test it doesn't really matter what the Dhcpv6 ack is set to
|
||||
+ }
|
||||
+
|
||||
+ // Add any cleanup code if needed
|
||||
+ virtual void
|
||||
+ TearDown (
|
||||
+ )
|
||||
+ {
|
||||
+ if (Private.Dhcp6Request != NULL) {
|
||||
+ FreePool (Private.Dhcp6Request);
|
||||
+ }
|
||||
+
|
||||
+ // Clean up any resources or variables
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+// Note:
|
||||
+// Testing PxeBcHandleDhcp6Offer() is difficult because it depends on a
|
||||
+// properly setup Private structure. Attempting to properly test this function
|
||||
+// without a signficant refactor is a fools errand. Instead, we will test
|
||||
+// that we can prevent an overflow in the function.
|
||||
+TEST_F (PxeBcHandleDhcp6OfferTest, BasicUsageTest) {
|
||||
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||
+
|
||||
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||
+
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||
+ // Setup the DHCPv6 offer packet
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||
+
|
||||
+ ASSERT_EQ (PxeBcHandleDhcp6Offer (&(PxeBcHandleDhcp6OfferTest::Private)), EFI_DEVICE_ERROR);
|
||||
+}
|
||||
+
|
||||
+class PxeBcCacheDnsServerAddressesTest : public ::testing::Test {
|
||||
+public:
|
||||
+ PXEBC_PRIVATE_DATA Private = { 0 };
|
||||
+
|
||||
+protected:
|
||||
+ // Add any setup code if needed
|
||||
+ virtual void
|
||||
+ SetUp (
|
||||
+ )
|
||||
+ {
|
||||
+ }
|
||||
+
|
||||
+ // Add any cleanup code if needed
|
||||
+ virtual void
|
||||
+ TearDown (
|
||||
+ )
|
||||
+ {
|
||||
+ }
|
||||
+};
|
||||
+
|
||||
+// Test Description
|
||||
+// Test that we cache the DNS server address from the DHCPv6 offer packet
|
||||
+TEST_F (PxeBcCacheDnsServerAddressesTest, BasicUsageTest) {
|
||||
+ UINT8 SearchPattern[16] = { 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF };
|
||||
+ EFI_DHCP6_PACKET_OPTION *Option;
|
||||
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||
+
|
||||
+ Option = (EFI_DHCP6_PACKET_OPTION *)AllocateZeroPool (sizeof (EFI_DHCP6_PACKET_OPTION) + sizeof (SearchPattern));
|
||||
+ ASSERT_NE (Option, nullptr);
|
||||
+
|
||||
+ Option->OpCode = DHCP6_OPT_SERVER_ID;
|
||||
+ Option->OpLen = NTOHS (sizeof (SearchPattern));
|
||||
+ CopyMem (Option->Data, SearchPattern, sizeof (SearchPattern));
|
||||
+
|
||||
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = Option;
|
||||
+
|
||||
+ Private.DnsServer = nullptr;
|
||||
+
|
||||
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||
+ ASSERT_EQ (CompareMem (Private.DnsServer, SearchPattern, sizeof (SearchPattern)), 0);
|
||||
+
|
||||
+ if (Private.DnsServer) {
|
||||
+ FreePool (Private.DnsServer);
|
||||
+ }
|
||||
+
|
||||
+ if (Option) {
|
||||
+ FreePool (Option);
|
||||
+ }
|
||||
+}
|
||||
+// Test Description
|
||||
+// Test that we can prevent an overflow in the function
|
||||
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptOverflowTest) {
|
||||
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||
+
|
||||
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||
+ // Setup the DHCPv6 offer packet
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (1337);
|
||||
+
|
||||
+ Private.DnsServer = NULL;
|
||||
+
|
||||
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||
+
|
||||
+ if (Private.DnsServer) {
|
||||
+ FreePool (Private.DnsServer);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+// Test Description
|
||||
+// Test that we can prevent an underflow in the function
|
||||
+TEST_F (PxeBcCacheDnsServerAddressesTest, AttemptUnderflowTest) {
|
||||
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||
+
|
||||
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||
+ // Setup the DHCPv6 offer packet
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (2);
|
||||
+
|
||||
+ Private.DnsServer = NULL;
|
||||
+
|
||||
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_DEVICE_ERROR);
|
||||
+ ASSERT_EQ (Private.DnsServer, nullptr);
|
||||
+
|
||||
+ if (Private.DnsServer) {
|
||||
+ FreePool (Private.DnsServer);
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+// Test Description
|
||||
+// Test that we can handle recursive dns (multiple dns entries)
|
||||
+TEST_F (PxeBcCacheDnsServerAddressesTest, MultipleDnsEntries) {
|
||||
+ EFI_DHCP6_PACKET_OPTION Option = { 0 };
|
||||
+ PXEBC_DHCP6_PACKET_CACHE *Cache6 = NULL;
|
||||
+
|
||||
+ Private.SelectIndex = 1; // SelectIndex is 1-based
|
||||
+ Cache6 = &Private.OfferBuffer[Private.SelectIndex - 1].Dhcp6;
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER] = &Option;
|
||||
+ // Setup the DHCPv6 offer packet
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpCode = DHCP6_OPT_SERVER_ID;
|
||||
+
|
||||
+ EFI_IPv6_ADDRESS addresses[2] = {
|
||||
+ // 2001:db8:85a3::8a2e:370:7334
|
||||
+ { 0x20, 0x01, 0x0d, 0xb8, 0x85, 0xa3, 0x00, 0x00, 0x00, 0x00, 0x8a, 0x2e, 0x03, 0x70, 0x73, 0x34 },
|
||||
+ // fe80::d478:91c3:ecd7:4ff9
|
||||
+ { 0xfe, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd4, 0x78, 0x91, 0xc3, 0xec, 0xd7, 0x4f, 0xf9 }
|
||||
+ };
|
||||
+
|
||||
+ CopyMem (Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->Data, &addresses, sizeof (addresses));
|
||||
+
|
||||
+ Cache6->OptList[PXEBC_DHCP6_IDX_DNS_SERVER]->OpLen = NTOHS (sizeof (addresses));
|
||||
+
|
||||
+ Private.DnsServer = NULL;
|
||||
+
|
||||
+ ASSERT_EQ (PxeBcCacheDnsServerAddresses (&(PxeBcCacheDnsServerAddressesTest::Private), Cache6), EFI_SUCCESS);
|
||||
+
|
||||
+ ASSERT_NE (Private.DnsServer, nullptr);
|
||||
+
|
||||
+ //
|
||||
+ // This is expected to fail until DnsServer supports multiple DNS servers
|
||||
+ //
|
||||
+ // This is tracked in https://bugzilla.tianocore.org/show_bug.cgi?id=1886
|
||||
+ //
|
||||
+ // Disabling:
|
||||
+ // ASSERT_EQ (CompareMem(Private.DnsServer, &addresses, sizeof(addresses)), 0);
|
||||
+
|
||||
+ if (Private.DnsServer) {
|
||||
+ FreePool (Private.DnsServer);
|
||||
+ }
|
||||
+}
|
||||
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||
new file mode 100644
|
||||
index 0000000000..b17c314791
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/PxeBcDhcp6GoogleTest.h
|
||||
@@ -0,0 +1,50 @@
|
||||
+/** @file
|
||||
+ This file exposes the internal interfaces which may be unit tested
|
||||
+ for the PxeBcDhcp6Dxe driver.
|
||||
+
|
||||
+ Copyright (c) Microsoft Corporation.<BR>
|
||||
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+**/
|
||||
+
|
||||
+#ifndef PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||
+#define PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||
+
|
||||
+//
|
||||
+// Minimal includes needed to compile
|
||||
+//
|
||||
+#include <Uefi.h>
|
||||
+#include "../PxeBcImpl.h"
|
||||
+
|
||||
+/**
|
||||
+ Handle the DHCPv6 offer packet.
|
||||
+
|
||||
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||
+
|
||||
+ @retval EFI_SUCCESS Handled the DHCPv6 offer packet successfully.
|
||||
+ @retval EFI_NO_RESPONSE No response to the following request packet.
|
||||
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||
+ @retval EFI_BUFFER_TOO_SMALL Can't cache the offer pacet.
|
||||
+
|
||||
+**/
|
||||
+EFI_STATUS
|
||||
+PxeBcHandleDhcp6Offer (
|
||||
+ IN PXEBC_PRIVATE_DATA *Private
|
||||
+ );
|
||||
+
|
||||
+/**
|
||||
+ Cache the DHCPv6 Server address
|
||||
+
|
||||
+ @param[in] Private The pointer to PXEBC_PRIVATE_DATA.
|
||||
+ @param[in] Cache6 The pointer to PXEBC_DHCP6_PACKET_CACHE.
|
||||
+
|
||||
+ @retval EFI_SUCCESS Cache the DHCPv6 Server address successfully.
|
||||
+ @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
|
||||
+ @retval EFI_DEVICE_ERROR Failed to cache the DHCPv6 Server address.
|
||||
+**/
|
||||
+EFI_STATUS
|
||||
+PxeBcCacheDnsServerAddresses (
|
||||
+ IN PXEBC_PRIVATE_DATA *Private,
|
||||
+ IN PXEBC_DHCP6_PACKET_CACHE *Cache6
|
||||
+ );
|
||||
+
|
||||
+#endif // PXE_BC_DHCP6_GOOGLE_TEST_H_
|
||||
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||
new file mode 100644
|
||||
index 0000000000..cc4fdf525b
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.cpp
|
||||
@@ -0,0 +1,19 @@
|
||||
+/** @file
|
||||
+ Acts as the main entry point for the tests for the UefiPxeBcDxe module.
|
||||
+ Copyright (c) Microsoft Corporation
|
||||
+ SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+**/
|
||||
+#include <gtest/gtest.h>
|
||||
+
|
||||
+////////////////////////////////////////////////////////////////////////////////
|
||||
+// Run the tests
|
||||
+////////////////////////////////////////////////////////////////////////////////
|
||||
+int
|
||||
+main (
|
||||
+ int argc,
|
||||
+ char *argv[]
|
||||
+ )
|
||||
+{
|
||||
+ testing::InitGoogleTest (&argc, argv);
|
||||
+ return RUN_ALL_TESTS ();
|
||||
+}
|
||||
diff --git a/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||
new file mode 100644
|
||||
index 0000000000..301dcdf611
|
||||
--- /dev/null
|
||||
+++ b/NetworkPkg/UefiPxeBcDxe/GoogleTest/UefiPxeBcDxeGoogleTest.inf
|
||||
@@ -0,0 +1,48 @@
|
||||
+## @file
|
||||
+# Unit test suite for the UefiPxeBcDxe using Google Test
|
||||
+#
|
||||
+# Copyright (c) Microsoft Corporation.<BR>
|
||||
+# SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
+##
|
||||
+[Defines]
|
||||
+INF_VERSION = 0x00010005
|
||||
+BASE_NAME = UefiPxeBcDxeGoogleTest
|
||||
+FILE_GUID = 77D45C64-EC1E-4174-887B-886E89FD1EDF
|
||||
+MODULE_TYPE = HOST_APPLICATION
|
||||
+VERSION_STRING = 1.0
|
||||
+
|
||||
+#
|
||||
+# The following information is for reference only and not required by the build tools.
|
||||
+#
|
||||
+# VALID_ARCHITECTURES = IA32 X64
|
||||
+#
|
||||
+
|
||||
+[Sources]
|
||||
+ UefiPxeBcDxeGoogleTest.cpp
|
||||
+ PxeBcDhcp6GoogleTest.cpp
|
||||
+ PxeBcDhcp6GoogleTest.h
|
||||
+ ../PxeBcDhcp6.c
|
||||
+ ../PxeBcSupport.c
|
||||
+
|
||||
+[Packages]
|
||||
+ MdePkg/MdePkg.dec
|
||||
+ MdeModulePkg/MdeModulePkg.dec
|
||||
+ UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
|
||||
+ NetworkPkg/NetworkPkg.dec
|
||||
+
|
||||
+[LibraryClasses]
|
||||
+ GoogleTestLib
|
||||
+ DebugLib
|
||||
+ NetLib
|
||||
+ PcdLib
|
||||
+
|
||||
+[Protocols]
|
||||
+ gEfiDhcp6ServiceBindingProtocolGuid
|
||||
+ gEfiDns6ServiceBindingProtocolGuid
|
||||
+ gEfiDns6ProtocolGuid
|
||||
+
|
||||
+[Pcd]
|
||||
+ gEfiNetworkPkgTokenSpaceGuid.PcdDhcp6UidType
|
||||
+
|
||||
+[Guids]
|
||||
+ gZeroGuid
|
||||
--
|
||||
2.39.3
|
@ -18,7 +18,7 @@ ExclusiveArch: x86_64 aarch64
|
||||
|
||||
Name: edk2
|
||||
Version: %{GITDATE}
|
||||
Release: 4%{?dist}
|
||||
Release: 4%{?dist}.2.alma
|
||||
Summary: UEFI firmware for 64-bit virtual machines
|
||||
License: BSD-2-Clause-Patent and OpenSSL and MIT
|
||||
URL: http://www.tianocore.org
|
||||
@ -111,6 +111,16 @@ Patch44: edk2-OvmfPkg-AmdSevDxe-Shim-Reboot-workaround-RHEL-only.patch
|
||||
Patch45: edk2-OvmfPkg-ResetVector-Fix-assembler-bit-test-flag-chec.patch
|
||||
|
||||
|
||||
# Patches were taken from:
|
||||
# https://git.almalinux.org/rpms/edk2/commit/8fbeb84967d7649fe4ad8f7db82983c2194a4750
|
||||
Patch46: edk2-NetworkPkg-Add-Unit-tests-to-CI-and-create-Host-Test.patch
|
||||
# https://gitlab.com/redhat/centos-stream/rpms/edk2/-/commit/9ab668cc6b0651bd6e84c96305139fb5031597fb
|
||||
Patch47: edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Pa.patch
|
||||
Patch48: edk2-NetworkPkg-Dhcp6Dxe-SECURITY-PATCH-CVE-2023-45230-Un.patch
|
||||
# https://gitlab.com/redhat/centos-stream/rpms/edk2/-/commit/9ab668cc6b0651bd6e84c96305139fb5031597fb
|
||||
Patch49: edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523.patch
|
||||
Patch50: edk2-NetworkPkg-UefiPxeBcDxe-SECURITY-PATCH-CVE-2023-4523p2.patch
|
||||
|
||||
# python3-devel and libuuid-devel are required for building tools.
|
||||
# python3-devel is also needed for varstore template generation and
|
||||
# verification with "ovmf-vars-generator".
|
||||
@ -428,6 +438,18 @@ install -m 0644 \
|
||||
|
||||
|
||||
%changelog
|
||||
* Tue Mar 05 2024 Eduard Abdullin <eabdullin@almalinux.org> - 20230524-4.2.alma
|
||||
- NetworkPkg: : Add Unit tests to CI and create Host Test
|
||||
DSC
|
||||
- NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
|
||||
Patch
|
||||
- NetworkPkg: Dhcp6Dxe: SECURITY PATCH CVE-2023-45230
|
||||
Unit Tests
|
||||
- NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||
Patch
|
||||
- NetworkPkg: UefiPxeBcDxe: SECURITY PATCH CVE-2023-45234
|
||||
Unit Tests
|
||||
|
||||
* Mon Oct 09 2023 Miroslav Rezanina <mrezanin@redhat.com> - 20230524-4
|
||||
- edk2-OvmfPkg-ResetVector-Fix-assembler-bit-test-flag-chec.patch [RHEL-9943]
|
||||
- Resolves: RHEL-9943
|
||||
|
Loading…
Reference in New Issue
Block a user