8ae7c916be
- edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157] - edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-4118.patch [RHEL-21157] - edk2-SecurityPkg-DxeTpm2MeasureBootLib-SECURITY-PATCH-411-2.patch [RHEL-21157] - edk2-SecurityPkg-DxeTpmMeasureBootLib-SECURITY-PATCH-411-3.patch [RHEL-21157] - edk2-SecurityPkg-Updating-SecurityFixes.yaml-after-symbol.patch [RHEL-21157] - edk2-OvmfPkg-Sec-Setup-MTRR-early-in-the-boot-process.patch [RHEL-21704] - edk2-MdePkg-ArchitecturalMsr.h-add-defines-for-MTRR-cache.patch [RHEL-21704] - edk2-UefiCpuPkg-MtrrLib.h-use-cache-type-defines-from-Arc.patch [RHEL-21704] - edk2-OvmfPkg-Sec-use-cache-type-defines-from-Architectura.patch [RHEL-21704] - Resolves: RHEL-21157 (CVE-2022-36764 edk2: heap buffer overflow in Tcg2MeasurePeImage() [rhel-9]) - Resolves: RHEL-21704 (vGPU VM take several minutes to show tianocore logo if firmware is ovmf)
281 lines
13 KiB
Diff
281 lines
13 KiB
Diff
From bf371de652c1132667666a9534ec2d91f9ea111d Mon Sep 17 00:00:00 2001
|
|
From: Jon Maloy <jmaloy@redhat.com>
|
|
Date: Tue, 13 Feb 2024 16:30:10 -0500
|
|
Subject: [PATCH 4/9] SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH
|
|
4117/4118 symbol rename
|
|
|
|
RH-Author: Jon Maloy <jmaloy@redhat.com>
|
|
RH-MergeRequest: 53: SecurityPkg: DxeTpm2MeasureBootLib: SECURITY PATCH 4118 - CVE 2022-36764
|
|
RH-Jira: RHEL-21157
|
|
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
|
|
RH-Acked-by: Gerd Hoffmann <None>
|
|
RH-Commit: [4/5] bf00b368887b50b1ff5578a4491550b5741e3e34
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-21157
|
|
CVE: CVE-2022-36764
|
|
Upstream: Merged
|
|
|
|
commit 326db0c9072004dea89427ea3a44393a84966f2b
|
|
Author: Doug Flick <dougflick@microsoft.com>
|
|
Date: Wed Jan 17 14:47:21 2024 -0800
|
|
|
|
SecurityPkg: DxeTpmMeasureBootLib: SECURITY PATCH 4117/4118 symbol rename
|
|
|
|
Updates the sanitation function names to be lib unique names
|
|
|
|
Cc: Jiewen Yao <jiewen.yao@intel.com>
|
|
Cc: Rahul Kumar <rahul1.kumar@intel.com>
|
|
|
|
Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com>
|
|
Message-Id: <355aa846a99ca6ac0f7574cf5982661da0d9fea6.1705529990.git.doug.edk2@gmail.com>
|
|
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
|
|
|
|
Signed-off-by: Jon Maloy <jmaloy@redhat.com>
|
|
---
|
|
.../DxeTpmMeasureBootLib.c | 8 +++---
|
|
.../DxeTpmMeasureBootLibSanitization.c | 10 +++----
|
|
.../DxeTpmMeasureBootLibSanitization.h | 8 +++---
|
|
.../DxeTpmMeasureBootLibSanitizationTest.c | 26 +++++++++----------
|
|
4 files changed, 26 insertions(+), 26 deletions(-)
|
|
|
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
|
index a9fc440a09..ac855b8fbb 100644
|
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
|
|
@@ -174,7 +174,7 @@ TcgMeasureGptTable (
|
|
BlockIo->Media->BlockSize,
|
|
(UINT8 *)PrimaryHeader
|
|
);
|
|
- if (EFI_ERROR (Status) || EFI_ERROR (SanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
|
+ if (EFI_ERROR (Status) || EFI_ERROR (TpmSanitizeEfiPartitionTableHeader (PrimaryHeader, BlockIo))) {
|
|
DEBUG ((DEBUG_ERROR, "Failed to read Partition Table Header or invalid Partition Table Header!\n"));
|
|
FreePool (PrimaryHeader);
|
|
return EFI_DEVICE_ERROR;
|
|
@@ -183,7 +183,7 @@ TcgMeasureGptTable (
|
|
//
|
|
// Read the partition entry.
|
|
//
|
|
- Status = SanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (PrimaryHeader, &AllocSize);
|
|
if (EFI_ERROR (Status)) {
|
|
FreePool (PrimaryHeader);
|
|
return EFI_DEVICE_ERROR;
|
|
@@ -224,7 +224,7 @@ TcgMeasureGptTable (
|
|
//
|
|
// Prepare Data for Measurement
|
|
//
|
|
- Status = SanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (PrimaryHeader, NumberOfPartition, &EventSize);
|
|
TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize);
|
|
if (TcgEvent == NULL) {
|
|
FreePool (PrimaryHeader);
|
|
@@ -351,7 +351,7 @@ TcgMeasurePeImage (
|
|
|
|
// Determine destination PCR by BootPolicy
|
|
//
|
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
|
+ Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
|
if (EFI_ERROR (Status)) {
|
|
return EFI_UNSUPPORTED;
|
|
}
|
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
|
index c989851cec..070e4a2c1c 100644
|
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.c
|
|
@@ -1,5 +1,5 @@
|
|
/** @file
|
|
- The library instance provides security service of TPM2 measure boot and
|
|
+ The library instance provides security service of TPM measure boot and
|
|
Confidential Computing (CC) measure boot.
|
|
|
|
Caution: This file requires additional review when modified.
|
|
@@ -63,7 +63,7 @@
|
|
**/
|
|
EFI_STATUS
|
|
EFIAPI
|
|
-SanitizeEfiPartitionTableHeader (
|
|
+TpmSanitizeEfiPartitionTableHeader (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
|
)
|
|
@@ -145,7 +145,7 @@ SanitizeEfiPartitionTableHeader (
|
|
**/
|
|
EFI_STATUS
|
|
EFIAPI
|
|
-SanitizePrimaryHeaderAllocationSize (
|
|
+TpmSanitizePrimaryHeaderAllocationSize (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
OUT UINT32 *AllocationSize
|
|
)
|
|
@@ -194,7 +194,7 @@ SanitizePrimaryHeaderAllocationSize (
|
|
One of the passed parameters was invalid.
|
|
**/
|
|
EFI_STATUS
|
|
-SanitizePrimaryHeaderGptEventSize (
|
|
+TpmSanitizePrimaryHeaderGptEventSize (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
IN UINTN NumberOfPartition,
|
|
OUT UINT32 *EventSize
|
|
@@ -258,7 +258,7 @@ SanitizePrimaryHeaderGptEventSize (
|
|
One of the passed parameters was invalid.
|
|
**/
|
|
EFI_STATUS
|
|
-SanitizePeImageEventSize (
|
|
+TpmSanitizePeImageEventSize (
|
|
IN UINT32 FilePathSize,
|
|
OUT UINT32 *EventSize
|
|
)
|
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
|
index 2248495813..db6e9c3752 100644
|
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLibSanitization.h
|
|
@@ -53,7 +53,7 @@
|
|
**/
|
|
EFI_STATUS
|
|
EFIAPI
|
|
-SanitizeEfiPartitionTableHeader (
|
|
+TpmSanitizeEfiPartitionTableHeader (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
|
|
);
|
|
@@ -77,7 +77,7 @@ SanitizeEfiPartitionTableHeader (
|
|
**/
|
|
EFI_STATUS
|
|
EFIAPI
|
|
-SanitizePrimaryHeaderAllocationSize (
|
|
+TpmSanitizePrimaryHeaderAllocationSize (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
OUT UINT32 *AllocationSize
|
|
);
|
|
@@ -105,7 +105,7 @@ SanitizePrimaryHeaderAllocationSize (
|
|
One of the passed parameters was invalid.
|
|
**/
|
|
EFI_STATUS
|
|
-SanitizePrimaryHeaderGptEventSize (
|
|
+TpmSanitizePrimaryHeaderGptEventSize (
|
|
IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
|
|
IN UINTN NumberOfPartition,
|
|
OUT UINT32 *EventSize
|
|
@@ -129,7 +129,7 @@ SanitizePrimaryHeaderGptEventSize (
|
|
One of the passed parameters was invalid.
|
|
**/
|
|
EFI_STATUS
|
|
-SanitizePeImageEventSize (
|
|
+TpmSanitizePeImageEventSize (
|
|
IN UINT32 FilePathSize,
|
|
OUT UINT32 *EventSize
|
|
);
|
|
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
|
index c41498be45..de1740af41 100644
|
|
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
|
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/InternalUnitTest/DxeTpmMeasureBootLibSanitizationTest.c
|
|
@@ -83,27 +83,27 @@ TestSanitizeEfiPartitionTableHeader (
|
|
PrimaryHeader.Header.CRC32 = CalculateCrc32 ((UINT8 *)&PrimaryHeader, PrimaryHeader.Header.HeaderSize);
|
|
|
|
// Test that a normal PrimaryHeader passes validation
|
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
|
|
|
// Test that when number of partition entries is 0, the function returns EFI_DEVICE_ERROR
|
|
// Should print "Invalid Partition Table Header NumberOfPartitionEntries!""
|
|
PrimaryHeader.NumberOfPartitionEntries = 0;
|
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
|
PrimaryHeader.NumberOfPartitionEntries = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
|
|
|
// Test that when the header size is too small, the function returns EFI_DEVICE_ERROR
|
|
// Should print "Invalid Partition Table Header Size!"
|
|
PrimaryHeader.Header.HeaderSize = 0;
|
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
|
PrimaryHeader.Header.HeaderSize = sizeof (EFI_PARTITION_TABLE_HEADER);
|
|
|
|
// Test that when the SizeOfPartitionEntry is too small, the function returns EFI_DEVICE_ERROR
|
|
// should print: "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!"
|
|
PrimaryHeader.SizeOfPartitionEntry = 1;
|
|
- Status = SanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
+ Status = TpmSanitizeEfiPartitionTableHeader (&PrimaryHeader, &BlockIo);
|
|
UT_ASSERT_EQUAL (Status, EFI_DEVICE_ERROR);
|
|
|
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
|
@@ -136,7 +136,7 @@ TestSanitizePrimaryHeaderAllocationSize (
|
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
|
PrimaryHeader.SizeOfPartitionEntry = DEFAULT_PRIMARY_TABLE_HEADER_SIZE_OF_PARTITION_ENTRY;
|
|
|
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
|
|
|
// Test that the allocation size is correct compared to the existing logic
|
|
@@ -145,19 +145,19 @@ TestSanitizePrimaryHeaderAllocationSize (
|
|
// Test that an overflow is detected
|
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
|
PrimaryHeader.SizeOfPartitionEntry = 5;
|
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
|
|
|
// Test the inverse
|
|
PrimaryHeader.NumberOfPartitionEntries = 5;
|
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
|
|
|
// Test the worst case scenario
|
|
PrimaryHeader.NumberOfPartitionEntries = MAX_UINT32;
|
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
|
- Status = SanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
+ Status = TpmSanitizePrimaryHeaderAllocationSize (&PrimaryHeader, &AllocationSize);
|
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
|
|
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
|
@@ -195,7 +195,7 @@ TestSanitizePrimaryHeaderGptEventSize (
|
|
NumberOfPartition = 13;
|
|
|
|
// that the primary event size is correct
|
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
|
UT_ASSERT_NOT_EFI_ERROR (Status);
|
|
|
|
// Calculate the existing logic event size
|
|
@@ -206,12 +206,12 @@ TestSanitizePrimaryHeaderGptEventSize (
|
|
UT_ASSERT_EQUAL (EventSize, ExistingLogicEventSize);
|
|
|
|
// Tests that the primary event size may not overflow
|
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, MAX_UINT32, &EventSize);
|
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
|
|
|
// Test that the size of partition entries may not overflow
|
|
PrimaryHeader.SizeOfPartitionEntry = MAX_UINT32;
|
|
- Status = SanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
|
+ Status = TpmSanitizePrimaryHeaderGptEventSize (&PrimaryHeader, NumberOfPartition, &EventSize);
|
|
UT_ASSERT_EQUAL (Status, EFI_BAD_BUFFER_SIZE);
|
|
|
|
DEBUG ((DEBUG_INFO, "%a: Test passed\n", __func__));
|
|
@@ -269,7 +269,7 @@ TestSanitizePeImageEventSize (
|
|
FilePathSize = 255;
|
|
|
|
// Test that a normal PE image passes validation
|
|
- Status = SanitizePeImageEventSize (FilePathSize, &EventSize);
|
|
+ Status = TpmSanitizePeImageEventSize (FilePathSize, &EventSize);
|
|
if (EFI_ERROR (Status)) {
|
|
UT_LOG_ERROR ("SanitizePeImageEventSize failed with %r\n", Status);
|
|
goto Exit;
|
|
@@ -285,7 +285,7 @@ TestSanitizePeImageEventSize (
|
|
}
|
|
|
|
// Test that the event size may not overflow
|
|
- Status = SanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
|
+ Status = TpmSanitizePeImageEventSize (MAX_UINT32, &EventSize);
|
|
if (Status != EFI_BAD_BUFFER_SIZE) {
|
|
UT_LOG_ERROR ("SanitizePeImageEventSize succeded when it was supposed to fail with %r\n", Status);
|
|
goto Exit;
|
|
--
|
|
2.39.3
|
|
|