
v2023110000.0.4

@github-actions github-actions released this 05 Mar 15:16
· 43 commits to refs/heads/release/202311 since this release

What's Changed

  • [CHERRY-PICK] Add StackCheckLib Instances to Platform DSC Files (#252) @TaylorBeebe (#253)
    Description

    An instance of StackCheckLib must be in each DSC to accommodate -fstack-protector and /GS flags.

    • Impacts functionality?
      • Functionality - Does the change ultimately impact how firmware functions?
      • Examples: Add a new library, publish a new PPI, update an algorithm, ...
    • Impacts security?
      • Security - Does the change have a direct security impact on an application, flow, or firmware?
      • Examples: Crypto algorithm change, buffer overflow fix, parameter validation improvement, ...
    • Breaking change?
      • Breaking change - Will anyone consuming this change experience a break in build or boot behavior?
      • Examples: Add a new library class, move a module to a different repo, call a function in a new library class in a pre-existing module, ...
    • Includes tests?
      • Tests - Does the change include any explicit test code?
      • Examples: Unit tests, integration tests, robot tests, ...
    • Includes documentation?
      • Documentation - Does the change contain explicit documentation additions outside direct code modifications (and comments)?
      • Examples: Update readme file, add feature readme file, link to documentation on a separate Web page, ...

    How This Was Tested

    Tested in pipelines

    Integration Instructions

    N/A




  • Delete PK broken on latest integration due to not using CUSTOM MODE or UserPhysicallyPresent(..) @Flickdm (#254)
    Preface

    Description

    This reverts the revert where we reverted the update that supports SHA384 and SHA512.

    When ProcessVarWithPk(..) is called, the expected code path is that you are in CUSTOM MODE and UserPhysicallyPresent, neither of which Project MU does or supports. So we end up falling down into VerifyTimeBasedPayloadAndUpdate(..). From there we fall into VerifyTimeBasedPayload, and then finally we were depending on a special case where the size wasn't checked to hit the following line:

     // If the VariablePolicy engine is disabled, allow deletion of any authenticated variables.
     if ((PayloadSize == 0) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && !IsVariablePolicyEnabled ()) {
       VerifyStatus = TRUE;
       goto Exit;
     }

    This worked in 202302 and before, allowing us to delete the PK. However, in this commit the logic to detect the digest algorithm was changed and now prevents any payload with an invalid signature size (such as a PK Delete payload) from working.

    History:

    1. Original Commit From EDK2
    2. Cherry-pick into MU_TIANO_PLUS
    3. Partial Revert to remove unnecessary logic

    Bug seen where PK cannot be deleted
    See Issue #246

    1. Revert "SecurityPkg/SecureBoot: Support RSA4096 and RSA3072" and follow up change
    2. Revert "SecurityPkg/SecureBoot: Support RSA4096 and RSA3072"

    This patch series contains the original two commits and the bug fix

    1. Cherry-pick into MU_TIANO_PLUS
    2. Partial Revert to remove unnecessary logic
    3. SecurityPkg/SecureBoot: Support special case where PK is being deleted.

    Effectively this adds a special case where if the signature is 0

    For each item, place an "x" in between [ and ] if true. Example: [x].
    (you can also check items in the GitHub UI)

    • Impacts functionality?
      • Functionality - Allows for a PK to be deleted
    • Impacts security?
      • Security - No
    • Breaking change?
      • Breaking change - No
    • Includes tests?
      • Tests - No
    • Includes documentation?
      • Documentation - No

    How This Was Tested

    1. Boot QemuQ35
    2. Enable Secure Boot with the Microsoft Only Certificates
    3. Boot to the Front Page
    4. Go to the Security Tab - Reboot to Front Page
    5. Disable Secure Boot by selecting None
    6. If broken, firmware will assert
    7. Otherwise, proceed

    Additionally, confirmed that authenticated variables with valid signature data using the hash algorithms SHA256, SHA384 and SHA512 still work.

    Integration Instructions

    N/A
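
To make the regression described in this PR concrete, here is an added C model (not Project Mu or EDK2 code) of the gating order the PR walks through: the hypothetical SigSizeSelectsDigest stands in for the digest-selection step that arrived with RSA3072/RSA4096 support, and the FwVariant labels are assumptions of this example. It shows why a PK delete payload (PayloadSize 0, no signature bytes) passes in 202302, is rejected once signature size gates digest selection, and passes again when the delete special case is evaluated first.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define EFI_VARIABLE_APPEND_WRITE 0x00000040u   /* real UEFI attribute bit */

/* Which AuthService behaviour to model (labels are ours, not the project's). */
typedef enum { FW_202302, FW_RSA_SUPPORT_UNFIXED, FW_RSA_SUPPORT_FIXED } FwVariant;
typedef enum { VERIFY_ALLOWED, VERIFY_REJECTED_SIG_SIZE, VERIFY_NEEDS_SIGNATURE } VerifyResult;

/* Hypothetical stand-in for the digest-selection step introduced with RSA3072/RSA4096
   support: assumed here to accept only signature lengths matching a supported RSA modulus. */
static bool SigSizeSelectsDigest(size_t SigSize) {
  return SigSize == 256 || SigSize == 384 || SigSize == 512;
}

/* Models the part of VerifyTimeBasedPayload the PR describes. A PK delete arrives
   with PayloadSize == 0 and no signature bytes (SigSize == 0). */
VerifyResult VerifyTimeBasedPayloadModel(FwVariant Variant, size_t PayloadSize,
                                         uint32_t Attributes, bool VariablePolicyEnabled,
                                         size_t SigSize) {
  /* The special case quoted in the PR: deleting an authenticated variable when the
     VariablePolicy engine is disabled. */
  bool AuthVarDelete = (PayloadSize == 0) &&
                       ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) &&
                       !VariablePolicyEnabled;

  if (Variant == FW_RSA_SUPPORT_FIXED && AuthVarDelete) {
    return VERIFY_ALLOWED;              /* fix: honour the delete before sizing the signature */
  }
  if (Variant != FW_202302 && !SigSizeSelectsDigest(SigSize)) {
    return VERIFY_REJECTED_SIG_SIZE;    /* unfixed: size 0 maps to no digest, so the delete fails */
  }
  if (AuthVarDelete) {
    return VERIFY_ALLOWED;              /* 202302 path: reaches the special case unhindered */
  }
  return VERIFY_NEEDS_SIGNATURE;        /* everything else goes on to real signature verification */
}

/* Convenience wrapper: does a PK delete payload get through on this variant? */
bool PkDeleteAllowed(FwVariant Variant) {
  return VerifyTimeBasedPayloadModel(Variant, 0, 0, false, 0) == VERIFY_ALLOWED;
}
```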




  • Corrects spelling error in unit test @Flickdm (#250)
    Preface

    Description

    Pipeline just started picking up a spelling mistake in a log message in a unit test

    • Impacts functionality?
      • Functionality - No
    • Impacts security?
      • Security - No
    • Breaking change?
      • Breaking change - No
    • Includes tests?
      • Tests - No
    • Includes documentation?
      • Documentation - No

    How This Was Tested

    N/A

    Integration Instructions

    N/A




  • Revert "SecurityPkg/SecureBoot: Support RSA4096 and RSA3072" and follow up change. @cfernald (#246)
    Description

    Reverts commit 36b848b.
    Reverts commit bbf1822.

    This change has created an issue where the PK cannot be deleted after creation because of a hashing signature mismatch. This change is to revert the offending change until this issue can be further debugged.

    • Impacts functionality?
    • Impacts security?
    • Breaking change?
    • Includes tests?
    • Includes documentation?

    How This Was Tested

    Tested on physical platform

    Integration Instructions

    N/A




Full Changelog: v2023110000.0.3...v2023110000.0.4