[PATCH] uefirtauthvar: remove test with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS

Ivan Hu ivan.hu at canonical.com
Fri Mar 16 07:45:02 UTC 2018 

Attribute EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS has been deprecated in
UEFI 2.7, test with this attribute is not proper anymore. And some tests
have been added to uefirtvariable test for checking
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute supporting on firmware.
so, remove this test.

Signed-off-by: Ivan Hu <ivan.hu at canonical.com>
---
 src/uefi/uefirtauthvar/uefirtauthvar.c | 48 ++--------------------------------
 1 file changed, 2 insertions(+), 46 deletions(-)

diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c
index 7d837a3..c203174 100644
--- a/src/uefi/uefirtauthvar/uefirtauthvar.c
+++ b/src/uefi/uefirtauthvar/uefirtauthvar.c
@@ -673,53 +673,10 @@ static int uefirtauthvar_test10(fwts_framework *fw)
 }
 
 /*
- * The authenticated variable is followed EFI_VARIABLE_AUTHENTICATION_2 descriptor,
- * set the authenticated variable with invalid
- * EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS instead of
- * EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS attribute should
- * return EFI_SECURITY_VIOLATION.
- */
-static int uefirtauthvar_test11(fwts_framework *fw)
-{
-	long ioret;
-
-	uint64_t status;
-	uint32_t attr = FWTS_UEFI_VAR_NON_VOLATILE |
-			FWTS_UEFI_VAR_BOOTSERVICE_ACCESS |
-			FWTS_UEFI_VAR_RUNTIME_ACCESS |
-			FWTS_UEFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS;
-
-	ioret = setvar(&gtestguid, attr, sizeof(AuthVarCreate), AuthVarCreate, &status);
-
-	if (ioret == -1) {
-		int supcheck = check_fw_support(fw, status);
-
-		if (supcheck != FWTS_OK)
-			return supcheck;
-
-		if (status == EFI_SECURITY_VIOLATION) {
-			fwts_passed(fw, "Set authenticated variable test with invalid attributes passed.");
-			return FWTS_OK;
-		}
-
-		fwts_failed(fw, LOG_LEVEL_MEDIUM,
-			"UEFISetAuthVarInvalidAttr",
-			"Set authenticated variable fail");
-		fwts_uefi_print_status_info(fw, status);
-	}
-
-	fwts_failed(fw, LOG_LEVEL_HIGH,
-		"UEFISetAuthVarInvalidAttr",
-		"Set authenticated variable expected fail but success");
-
-	return FWTS_ERROR;
-}
-
-/*
  * Test with setting and deleting another authenticated variable,
  * after previous test authenticated variable was deleted.
  */
-static int uefirtauthvar_test12(fwts_framework *fw)
+static int uefirtauthvar_test11(fwts_framework *fw)
 {
 	long ioret;
 
@@ -825,8 +782,7 @@ static fwts_framework_minor_test uefirtauthvar_tests[] = {
 	{ uefirtauthvar_test8, "Authenticated variable test with invalid modified data." },
 	{ uefirtauthvar_test9, "Authenticated variable test with invalid modified timestamp." },
 	{ uefirtauthvar_test10, "Authenticated variable test with different guid." },
-	{ uefirtauthvar_test11, "Authenticated variable test with invalid attributes." },
-	{ uefirtauthvar_test12, "Set and delete authenticated variable created by different key test." },
+	{ uefirtauthvar_test11, "Set and delete authenticated variable created by different key test." },
 	{ NULL, NULL }
 };
 
-- 
2.7.4

More information about the fwts-devel mailing list