[PATCH 07/15] uefirtauthvar: add setting old authenticated variable test

Ivan Hu ivan.hu at canonical.com
Wed Oct 22 09:38:48 UTC 2014 

Set the old data and timestamp authenticated variable, fw need to
check the authenticaed information and return EFI_SECURITY_VIOLATION.

Signed-off-by: Ivan Hu <ivan.hu at canonical.com>
---
 src/uefi/uefirtauthvar/uefirtauthvar.c |   36 ++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c
index 0af2714..0d98f33 100644
--- a/src/uefi/uefirtauthvar/uefirtauthvar.c
+++ b/src/uefi/uefirtauthvar/uefirtauthvar.c
@@ -429,12 +429,48 @@ static int uefirtauthvar_test5(fwts_framework *fw)
 	return FWTS_OK;
 }
 
+/*
+ * After updated, set the old data and timestamp authenticated variable,
+ * AuthVarCreate, expect EFI_SECURITY_VIOLATION returned.
+ */
+static int uefirtauthvar_test6(fwts_framework *fw)
+{
+	long ioret;
+	uint64_t status;
+	int supcheck;
+
+	ioret = setvar(&gtestguid, attributes, sizeof(AuthVarCreate), AuthVarCreate, &status);
+
+	if (ioret == -1) {
+		supcheck = check_fw_support(fw, status);
+		if (supcheck != FWTS_OK)
+			return supcheck;
+
+		if (status == EFI_SECURITY_VIOLATION) {
+			fwts_passed(fw, "Authenticated variable test with old authenticated variable passed.");
+			return FWTS_OK;
+		}
+
+		fwts_failed(fw, LOG_LEVEL_MEDIUM,
+			"UEFISetOldAuthVar",
+			"Set authenticated variable fail");
+			fwts_uefi_print_status_info(fw, status);
+	}
+
+	fwts_failed(fw, LOG_LEVEL_HIGH,
+		"UEFISetOldAuthVar",
+		"Set authenticated variable expected fail but success");
+
+	return FWTS_ERROR;
+}
+
 static fwts_framework_minor_test uefirtauthvar_tests[] = {
 	{ uefirtauthvar_test1, "Create authenticated variable test." },
 	{ uefirtauthvar_test2, "Authenticated variable test with the same authenticated variable." },
 	{ uefirtauthvar_test3, "Authenticated variable test with another valid authenticated variable." },
 	{ uefirtauthvar_test4, "Append authenticated variable test." },
 	{ uefirtauthvar_test5, "Update authenticated variable test." },
+	{ uefirtauthvar_test6, "Authenticated variable test with old authenticated variable." },
 	{ NULL, NULL }
 };
 
-- 
1.7.9.5

More information about the fwts-devel mailing list