author: Wei6 Xu <wei6.xu@intel.com> 2024-08-16 16:33:44 +0800
committer: mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> 2024-08-30 13:18:08 +0000
commit: 5aa684271512d180514e671f7a7266e67db8df92
tree: 934f7d4eb510769c1c93f29b55e1551a62671b78 /MdeModulePkg/Universal/Variable
parent: f31aa47deea9239d61b41fda8d445ecf607fcef9
MdeModulePkg/VariableStandaloneMm: Fix TCG MOR secure feature issue
According to TCG's Platform Reset Attack Mitigation spec, the OS should never create the MOR variable, only read and write it. But some OSes (Fedora 24 and 25) don't follow the TCG's Platform Reset Attack Mitigation spec and unintentionally create the MOR variable.
The commit fda8f631edbbf3823760542a06f12bd60fd39181 added the function VariableHaveTcgProtocols() to check against the Tcg/Tcg2 protocol to infer whether the MOR variable is created by platform firmware or not. If not, delete the variable created by the OS and lock the variable to prevent the OS from creating it.
But in VariableStandaloneMm, VariableHaveTcgProtocols() always returns FALSE, which causes the TCG MOR secure feature to not work in the standalone MM environment.
As Fedora 24 and 25 are EOL today, directly return TRUE in the function VariableHaveTcgProtocols() for VariableStandaloneMm, and rename the function to VariableIsMorVariableLegitimate() to make it more obvious what the narrow use-case is for which it exists.
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Diffstat (limited to 'MdeModulePkg/Universal/Variable')
-rw-r--r-- MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h | 14
-rw-r--r-- MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c | 2
-rw-r--r-- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c | 16
-rw-r--r-- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c | 6
4 files changed, 15 insertions, 23 deletions
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
index e7bd4c9706..969a4f7e9d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
@@ -156,17 +156,13 @@ VariableSmmIsNonPrimaryBufferValid (
);
/**
- Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
- This information is used by the MorLock code to infer whether an existing
- MOR variable is legitimate or not.
-
- @retval TRUE Either the TCG or TCG2 protocol is installed in the UEFI
- protocol database
- @retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI
- protocol database
+ Whether the MOR variable is legitimate or not.
+
+ @retval TRUE MOR Variable is legitimate.
+ @retval FALSE MOR Variable in not legitimate.
**/
BOOLEAN
-VariableHaveTcgProtocols (
+VariableIsMorVariableLegitimate (
VOID
);
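Review bot: The new @retval FALSE line reads "MOR Variable in not legitimate"; that should be "is not legitimate". Beyond the typo, the rewritten header comment no longer says what "legitimate" means or how it is decided, which the removed text did (presence of the TCG or TCG2 protocol). This declaration is shared by the standalone and traditional MM implementations, so I'd suggest stating here that TRUE means the MOR variable is taken to originate from platform firmware, and leaving each implementation to document how it reaches that conclusion.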
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
index 28e8cc55d9..7f8b2a7776 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/TcgMorLockSmm.c
@@ -475,7 +475,7 @@ MorLockInitAtEndOfDxe (
// can be deduced from the absence of the TCG / TCG2 protocols, as edk2's
// MOR implementation depends on (one of) those protocols.
//
- if (VariableHaveTcgProtocols ()) {
+ if (VariableIsMorVariableLegitimate ()) {
//
// The MOR variable originates from the platform firmware; set the MOR
// Control Lock variable to report the locking capability to the OS.
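Review bot: The context comment just above the changed condition still says the answer "can be deduced from the absence of the TCG / TCG2 protocols", but after this change the standalone MM implementation returns TRUE without consulting any protocol. Please update that comment so it describes the renamed predicate rather than the protocol check; otherwise the comment and the call disagree on standalone MM builds.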
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
index 1b9cf6dfd9..f3daca3eba 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.c
@@ -89,19 +89,15 @@ VariableServiceInitialize (
}
/**
- Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
- This information is used by the MorLock code to infer whether an existing
- MOR variable is legitimate or not.
-
- @retval TRUE Either the TCG or TCG2 protocol is installed in the UEFI
- protocol database
- @retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI
- protocol database
+ Whether the MOR variable is legitimate or not.
+
+ @retval TRUE MOR Variable is legitimate.
+ @retval FALSE MOR Variable in not legitimate.
**/
BOOLEAN
-VariableHaveTcgProtocols (
+VariableIsMorVariableLegitimate (
VOID
)
{
- return FALSE;
+ return TRUE;
}
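Review bot: The "return TRUE;" in the function body is unconditional, so on a standalone MM platform any MOR variable that exists when this is called is accepted as firmware-created, including one an OS created. The commit message gives the reason (Fedora 24 and 25 are EOL), but the code does not; a short comment above the return recording that assumption would keep the next reader from mistaking it for a real check. The @retval FALSE line also carries the "in not legitimate" typo, and since FALSE can no longer be returned from this implementation, the comment could say so.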
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
index 7247f7574d..cd82bb5675 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableTraditionalMm.c
@@ -118,12 +118,12 @@ VariableServiceInitialize (
MOR variable is legitimate or not.
@retval TRUE Either the TCG or TCG2 protocol is installed in the UEFI
- protocol database
+ protocol database. MOR variable is legitimate.
@retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI
- protocol database
+ protocol database. MOR variable is not legitimate.
**/
BOOLEAN
-VariableHaveTcgProtocols (
+VariableIsMorVariableLegitimate (
VOID
)
{
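Review bot: The two @retval lines now state the protocol fact and the conclusion as two bare sentences ("protocol database. MOR variable is legitimate."), which hides that the second is inferred from the first. Wording such as "protocol database, so the MOR variable is treated as legitimate" (and the matching form for FALSE) would make the inference explicit and line up with the "legitimate or not" description kept in the context above.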