UEFI specification doesn't specify whether read-only constraint can be
removed from a variable or not. The EDK2 reference implementation
supports it and we also should.
Change-Id: I5894ea23b89a5667663f80ad724d05885debafe6
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
Cleanup should not try removing unclearable variables and should
report error if cleaning something failed.
Variable cleanup is moved from the beginning of the tests to the
end to avoid leaving trash in the store.
Change-Id: If76a87e268345e93f1dd0f1e0b084ef489ccf61f
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
Add RPMB block storage to host libts, component-test build and
ts-service-test builds.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ife45ea753476e9014334b2ccec698337cd719654
|
|
Add component for creating RPMB based block store instance.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I32dfe35f56220a676607c36a96464301ea7f66d8
|
|
Add RPMB service context for standalone contexts. This service context
uses the emulated RPMB backend.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I0282c1462c518de0ff3c8b682441d2ecfdfae288
|
|
Implement block store interface using the RPMB frontend.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I230f2294c0bbb94e04634dd6c32c103c39048747
|
|
Cover RPMB frontend with unit tests using the mock backend and platform.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I69f91ebe5888186351e40d38d5b24c8d0d7ed126
|
|
The platform uses CppUMock for enabling the testing of upper RPMB
layers.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ib0a63eea30e43335ecd44674f18844c5310d9c47
|
|
The platform uses the PSA crypto API for calculating hashes and for
generating random nonce values. For deriving the RPMB authentication key
it uses a dummy HUK value.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ibb0598489300d15a2581d73321fb5c4d9d813682
|
|
The RPMB frontend provides a high level read/write interface for
accessing the RPMB device and it makes calls to the RPMB backend. This
component contains the main RPMB logic, including:
* Writing authentication key
* Handling the write counter
* Building and verifying RPMB data frames
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I2bd2589f4f99370381e1594beb4e04921c3fba36
|
|
The backend uses CppUMock for enabling the testing of upper RPMB layers.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I1289ffa335610a6558a6d133351b47005cb39b7d
|
|
The backend uses a memory allocated buffer for storing data and it
emulates all the necessary data frame checks which makes it ideal for
testing in host environment.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I18600ad6ccf969e75b43029a04daf8c3524aec59
|
|
Implement RPMB service client for accessing remote RPMB backends via the
RPC layer.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I4b4c6fd808864903653ed36620b51267c352d3d8
|
|
Implement RPMB service provider to make remote RPMB backends accessible
via the RPC layer.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Id8d04a8cb12fb1d118e653022107207217a9800a
|
|
Add RPMB backend layer and RPMB related definitions for providing an
interface for RPMB hardware access.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I64e253078171c4a8296e4125c53b22eed05e2092
|
|
* Fix UEFI authenticated variable header generator script by including
variable data.
* Generate new authenticated variable test headers
* Add test cases to cover various set/get scenarios
* Add missing check to SMM variable client
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Iae28742aa4d8b8888a82dc9993d729fe0ccf6508
|
|
After authentication the header is not used anymore so remove it
instead of storing.
Return EFI_SECURITY_VIOLATION if the authentication request can not
be verified, because the parent variable does not exist.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: If5b106a7dcfaacbdd05ecf0b3fc83fd5d45e194a
|
|
The config path was removed from env-test by mistake.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Ie7aa05e6c68d3755cf3c57008bdc3059545f26ac
|
|
Change b-test to allow setting the log directory and the install
directory on the command line. The aim is to allow relocating
output files when executed in the CI.
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Change-Id: Idd1d82b4abbc6d1ed914c04573a3191183698d0b
|
|
sfs-demo deployment is obsolete, because the tested ITS functionality
is covered by the psa-its-api-test.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I8e98eb52750b8fc00bb4f142898a1dfc7af683b4
|
|
Commit ab5707185a9e ("Add a minimum rsa key size config to psa config")
introduced a minimal RSA key size condition to prevent accidental
misuse. The limit is set to 1024 bits and generating shorter RSA keys
will result in PSA_ERROR_NOT_SUPPORTED. Increase key size crypto tests
in TS service test to pass this check.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I917d0bf572fbf763a68c6d479d23ba66e9da6c13
|
|
The ps_api_tests::createAndSet() function has been renamed but the
change wasn't reflected in some of the component tests, which made the
component-test deployment fail to build. Fix this.
Fixes: 7455c1a691de ("Remove psa_ps_create() support for secure flash store")
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Change-Id: Ib09e02c339ed667ec9a1a38338adcd0746b1f628
|
|
Consider warnings as errors and correct them.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I2d777ee56b21750966b75147be6c4eb73229043f
|
|
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I02c825f4aeb7721b0f9b91a5477cffd5e25247ba
|
|
Update MM communicate register ABI documentation to match the
implementation.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ica359521a265dba38124a8cab65b0e1739cf565a
|
|
The secure flash store does not support the psa_ps_set_extended() call
which is correctly reported by the psa_ps_get_support()'s return
value. However SFS implements psa_ps_create() which is an optional call
and its intended use is to create an entry for future
psa_ps_set_extended() calls. In cases where psa_ps_set_extended() is not
implemented psa_ps_create() is redundant to psa_ps_set().
The PSA PS API tests expect psa_ps_create() to fail with
PSA_ERROR_NOT_SUPPORTED if the PSA_STORAGE_SUPPORT_SET_EXTENDED flag is
not reported by psa_ps_get_support(), so this change fixes test 414.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I07f13a64793152e61094ef9e1642fb2b57269899
|
|
This feature adds support for protecting UEFI variables from tampering
using cryptographic means as defined by the standard.
If the feature is enabled the SmmGW SP can rely on the PSA-Crypto SP to
execute cryptographic operations or alternatively a crypto library
instance can be hosted in the SP.
For implementation details please refer to the updated documentation.
Change-Id: I0686834166dac50cb4ea97bcd1d232e0ca271d48
Signed-Off-By: Gyorgy Szing <gyorgy szing@arm.com>
|
|
Changes:
- variable_store_tests.cpp
  - eliminate duplicated string size calculation
  - simplify compare_variable_name(). The function is changed to fail
    if the sizes of the two strings do not match.
  - There was a repeating pattern creating uint8_t msg_buffer on the
    stack. This is test code, but a large enough name + data could
    cause stack underrun. I added a vector and use it as a buffer.
    This moves allocation to the HEAP and the compiler will take care
    of cleaning up the memory when the variable goes out of scope.
- variable_index_tests.cpp
  - eliminate duplicated string size calculation
  - convert null_name to a class member to remove code duplication
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
Change-Id: Ieb108bf84dde21b7659c90452c42c8e7428909e0
|
|
std::basic_string can not return the number of bytes needed to store
the string. The size function returns the number of character values,
which for multi-byte strings is not the size but the length.
As a solution the code needs to calculate the "real" size, which was
done at multiple places with repeated code. Introduce a template
function called string_get_length_in_bytes() to remove code duplication.
Change-Id: I5d557558f9f9bb14b8905bd3afddee1faef8142a
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
|
|
Update the component to support the usage of internal mbedtls
instance for signature verification instead of crypto SP.
Change-Id: I24ae5e08930accbd61c2333caf31333db3560c98
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
Enable uefi variable authentication in libts and create uefi direct
backend to provide signature verification API that would normally be
accessible using the crypto SP.
Change-Id: I1d95981ef5b2b4ee75438565c1e4cf82eadbab40
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
Separate enumerateStoreContents test into three separate cases to test
enumeration, read-only variables and boot state handling and change
them to be independent from each other. Also update all other tests
to avoid using variables accessible only in boot state.
Change-Id: I61a1f01aef71511bad192955e6a19ed5c795ad24
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
|
|
Adding UEFI authenticated variables related information
to the documentation.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Ic4fd4b6d73994f8a1ddf0ce4e3a0706589f1fd54
|
|
Update uefi_variable_store_get_next_variable_name to avoid returning
variables with boot-only access when boot phase is over.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: If669b116df65f7a3552e4900e9e6a07b7ef17f54
|
|
Creating tests to verify the new authentication feature in the
uefi service and updating the old tests to meet the changes.
Also adding tool to generate all the inputs that are needed
for the aforementioned functionality.
Moreover remove UEFI tests as these are executed as part of a dedicated
test executable.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
Change-Id: I7aa533dcad582f7300895a15bfacdb7d2f465041
|
|
UEFI defines strings to use 16 bits wide code values. Use std::u16string
instead of wstring in C++ code for better portability.
Change-Id: Id8c2cdddb796a62a3aa14a5200038cd613ea1c17
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Gyorgy Szing <gyorgy.szing@arm.com>
|
|
Variable authentication is a way to ensure the integrity and
authenticity of certain UEFI variables. To modify or delete
such a variable the request has to be verified by other variables
that store the keys. This change implements the aforementioned
functionality.
efi_image_authentication.h was copied from
https://github.com/tianocore/edk2 repository:
sha: c96b4da2a079eb837ab3af9aeb86a97078b3bde6
Original file: MdePkg/Include/Guid/ImageAuthentication.h
Some lines were also added to this file from: MdePkg/Include/Protocol/Hash.h
For details please refer to the comments in the source.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I05b8406834ebb77ab21c5fef61d0327625ec0e72
|
|
Add build and run instructions for the SPMC test. Document the structure
of the SPMC test environment and the implemented test cases.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I5139f36dc78a2c37c3000f15f74722f945ab738f
|
|
Fix global substitution declarations by adding missing colons.
Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ia552bc7891f6bfceff03a3d6106056956faf176b
|
|
Add FFA_MEM_PERM_GET/SET test to the SPMC test SPs.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Change-Id: I538478f09ce0d3c4f27552db25ec005bd764744e
|
|
Remove nanopb dependency from uefi-test deployment,
because it does not use protobuf.
Change-Id: I3195797a6d3c1e7b014cf7a499a78ab8b0784a3c
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
There are many missing const modifiers from variable store functions
resulting in warnings.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I1d19eb8794cb368a64309f4649bfbfaebd00ede6
|
|
Crypto SP provides hash calculation and signature verification APIs
that will be used by the uefi service in SMMGW SP.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I03e2862662734275221481784d82d8498c6f08af
|
|
UEFI tests require more space for the authenticated variable tests
so the flash size is changed to be configurable. On FVP it will have
an increased size.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Ifac6b98cdb241474fd3f61411a546efd540496fb
|
|
The UEFI service of SMM gateway needs pkcs7 signature verification
to authorize variable accesses. Instead of duplicating the mbedtls
entities, crypto SP will provide an interface to do the signature
verification.
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: I7b0472435ac1620c4fe42d0592e1c64faaf10df7
|
|
UEFI service has a huge amount of checkpatch findings. This commit
eliminates them before the implementation of the new feature is
started.
Change-Id: I211c52339660cd9b0d906c52669095df322bf4aa
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
|
|
In preparation for adding authenticated variable support, this
commit adds a service/uefi directory to act as a parent for
uefi related service components. The auth support that will
be added has broader scope than just uefi variables and may
also be used for capsule verification. Because of this,
it will live in its own directory.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Ie58f6537a8e105dfcf0904c8a80a27bdf219502a
|
|
Up until now, only libmbedcrypto has been used for builds of the
MbedTLS external component. In preparation for using other libraries
produced by MbedTLS (e.g. libmbedx509), this change moves the build
configuration to be defined by a deployment that depends on MbedTLS
in some way. This allows a deployment specific configuration to be
applied that impacts the complete set of mbedTLS library dependencies.
To allow for reuse of common configurations, a new config directory
has been added under external/MbedTLS to provide a home for reusable
config header files.
Signed-off-by: Julian Hall <julian.hall@arm.com>
Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
Change-Id: Icfdeb796d9bda185c30f68e525f7644f1edd4770
|
|
Change cmake scripts to use same source of truth when building and when
searching for libts.
Change-Id: I75d8be110b6b4dc601a9eaedc603214bf566b91a
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
|
|
Update the release notes & changelog page, and bump version numbers.
Change-Id: Ie90f46a8dbd9742fe34fe4bda7180b03731c3e8a
Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
|