1. Edk2 | Devel
  2. Topics

[PATCH] SecurityPkg: check return value of GetEfiGlobalVariable2() in DxeImageVerificationHandler()

Yao, Jiewen
 

Thanks for the patch.

Would you please share the info that, how this patch is tested?

Have you created a situation to cause GetEfiGlobalVariable2() returns failure here?

-----Original Message-----
From: Jon Maloy <jmaloy@...>
Sent: Friday, December 2, 2022 11:05 AM
To: devel@edk2.groups.io
Cc: kraxel@...; lersek@...; jmaloy@...; Yao,
Jiewen <jiewen.yao@...>; Wang, Jian J <jian.j.wang@...>; Xu,
Min M <min.m.xu@...>
Subject: [edk2-devel] [PATCH] SecurityPkg: check return value of
GetEfiGlobalVariable2() in DxeImageVerificationHandler()

Fixes: CVE-2019-14560

GetEfiGlobalVariable2() is used in some instances when looking up the
SecureBoot UEFI variable. The API can fail in certain circumstances,
for example, if AllocatePool() fails or if gRT->GetVariable() fails.
In the case of secure boot checks, it is critical that this return value
is checked. if an attacker can cause the API to fail, it would currently
constitute a secure boot bypass.

This return value check is missing in the function
DxeImageVerificationHandler(),
so we add it here.

This commit is almost identical to one suggested by Jian J Wang
<jian.j.wang@...>
on 2019-09-09, but that one was for some reason never posted to the
edk2-devel
list. We now make a new attempt to get it reviewed and applied.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Min Xu <min.m.xu@...>
Cc: devel@edk2.groups.io

Signed-off-by: Jon Maloy <jmaloy@...>
---
.../DxeImageVerificationLib.c | 39 +++++++++++--------
1 file changed, 23 insertions(+), 16 deletions(-)

diff --git
a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 66e2f5eaa3c0..4ae0bd8b20db 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++
b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1686,6 +1686,7 @@ DxeImageVerificationHandler (
RETURN_STATUS PeCoffStatus;
EFI_STATUS HashStatus;
EFI_STATUS DbStatus;
+ EFI_STATUS SecBootStatus;
BOOLEAN IsFound;

SignatureList = NULL;
@@ -1742,23 +1743,29 @@ DxeImageVerificationHandler (
CpuDeadLoop ();
}

- GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID
**)&SecureBoot, NULL);
- //
- // Skip verification if SecureBoot variable doesn't exist.
- //
- if (SecureBoot == NULL) {
- return EFI_SUCCESS;
- }
+ SecBootStatus = GetEfiGlobalVariable2
(EFI_SECURE_BOOT_MODE_NAME, (VOID **)&SecureBoot, NULL);
+ if (!EFI_ERROR (SecBootStatus)) {
+ if (SecureBoot == NULL) {
+ //
+ // Skip verification if SecureBoot variable doesn't exist.
+ //
+ return EFI_SUCCESS;
+ } else {
+ //
+ // Skip verification if SecureBoot is disabled but not AuditMode
+ //
+ if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) {
+ FreePool (SecureBoot);
+ return EFI_SUCCESS;
+ }
+ FreePool (SecureBoot);
+ }
+ } else {
+ //
+ // Assume SecureBoot enabled in the case of error.
+ //
+ }

- //
- // Skip verification if SecureBoot is disabled but not AuditMode
- //
- if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) {
- FreePool (SecureBoot);
- return EFI_SUCCESS;
- }
-
- FreePool (SecureBoot);

//
// Read the Dos header.
--
2.35.3

Jon Maloy
 

Fixes: CVE-2019-14560

GetEfiGlobalVariable2() is used in some instances when looking up the
SecureBoot UEFI variable. The API can fail in certain circumstances,
for example, if AllocatePool() fails or if gRT->GetVariable() fails.
In the case of secure boot checks, it is critical that this return value
is checked. if an attacker can cause the API to fail, it would currently
constitute a secure boot bypass.

This return value check is missing in the function DxeImageVerificationHandler(),
so we add it here.

This commit is almost identical to one suggested by Jian J Wang <jian.j.wang@...>
on 2019-09-09, but that one was for some reason never posted to the edk2-devel
list. We now make a new attempt to get it reviewed and applied.

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Min Xu <min.m.xu@...>
Cc: devel@edk2.groups.io

Signed-off-by: Jon Maloy <jmaloy@...>
---
.../DxeImageVerificationLib.c | 39 +++++++++++--------
1 file changed, 23 insertions(+), 16 deletions(-)

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
index 66e2f5eaa3c0..4ae0bd8b20db 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c
@@ -1686,6 +1686,7 @@ DxeImageVerificationHandler (
RETURN_STATUS PeCoffStatus;
EFI_STATUS HashStatus;
EFI_STATUS DbStatus;
+ EFI_STATUS SecBootStatus;
BOOLEAN IsFound;

SignatureList = NULL;
@@ -1742,23 +1743,29 @@ DxeImageVerificationHandler (
CpuDeadLoop ();
}

- GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID **)&SecureBoot, NULL);
- //
- // Skip verification if SecureBoot variable doesn't exist.
- //
- if (SecureBoot == NULL) {
- return EFI_SUCCESS;
- }
+ SecBootStatus = GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID **)&SecureBoot, NULL);
+ if (!EFI_ERROR (SecBootStatus)) {
+ if (SecureBoot == NULL) {
+ //
+ // Skip verification if SecureBoot variable doesn't exist.
+ //
+ return EFI_SUCCESS;
+ } else {
+ //
+ // Skip verification if SecureBoot is disabled but not AuditMode
+ //
+ if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) {
+ FreePool (SecureBoot);
+ return EFI_SUCCESS;
+ }
+ FreePool (SecureBoot);
+ }
+ } else {
+ //
+ // Assume SecureBoot enabled in the case of error.
+ //
+ }

- //
- // Skip verification if SecureBoot is disabled but not AuditMode
- //
- if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) {
- FreePool (SecureBoot);
- return EFI_SUCCESS;
- }
-
- FreePool (SecureBoot);

//
// Read the Dos header.
--
2.35.3

1 - 2 of 2