From 0b02cc8314bebe97354a57614fa5464ec931363e Mon Sep 17 00:00:00 2001 From: Nick Bofferding Date: Mon, 5 Mar 2018 23:58:01 -0600 Subject: Secure Boot: Check integrity of dynamically sized secure header copies When reading a secure header, the container header object can overrun a buffer when number of ECIDs or software keys specified is greater than the supported amount. This change implements hard enforcement to ensure that this is no longer possible. Change-Id: Ife9194763f858b37e2de6f12fa01d74da1145df3 CQ: SW419735 Reviewed-on: http://ralgit01.raleigh.ibm.com/gerrit1/55088 CI-Ready: Nicholas E. Bofferding Tested-by: Jenkins Server Tested-by: Jenkins OP Build CI Tested-by: Jenkins OP HW Reviewed-by: ILYA SMIRNOV Reviewed-by: Michael Baiocchi Reviewed-by: Marshall J. Wilks Tested-by: FSP CI Jenkins Reviewed-by: William G. Hoffa
---
 src/include/usr/secureboot/secure_reasoncodes.H | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/include/usr/secureboot/secure_reasoncodes.H')
diff --git a/src/include/usr/secureboot/secure_reasoncodes.H b/src/include/usr/secureboot/secure_reasoncodes.H
index bee232ee7..5dcb4bf5a 100644
--- a/src/include/usr/secureboot/secure_reasoncodes.H
+++ b/src/include/usr/secureboot/secure_reasoncodes.H
@@ -47,6 +47,7 @@ namespace SECUREBOOT
 MOD_SECURE_SET_SBE_SECURE_MODE = 0x0D,
 MOD_SECURE_GET_ALL_SEC_REGS = 0x0E,
 MOD_SECURE_LOAD_HEADER = 0x0F,
+ MOD_SECURE_VALIDATE_ECID_COUNT = 0x10,
 };
 enum SECUREReasonCode
@@ -70,7 +71,7 @@ namespace SECUREBOOT
 RC_PROC_NOT_SCOMABLE = SECURE_COMP_ID | 0x10,
 RC_DEVICE_READ_ERR = SECURE_COMP_ID | 0x11,
 RC_INVALID_BASE_HEADER = SECURE_COMP_ID | 0x12,
-
+ RC_INVALID_ECID_COUNT = SECURE_COMP_ID | 0x13,
 // Reason codes 0xA0 - 0xEF reserved for trustedboot_reasoncodes.H
 };
-- cgit v1.2.1
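Review bot: Both added codes, `MOD_SECURE_VALIDATE_ECID_COUNT` in the first hunk and `RC_INVALID_ECID_COUNT` in the second, name only the ECID count, although the commit description says the same overrun is reachable through the software key count. The code that performs the checks is not part of this page, so the key-count check may use another code; if it shares these two, an error log cannot tell which bound was exceeded, and a sibling entry such as `RC_INVALID_SW_KEY_COUNT = SECURE_COMP_ID | <next free value>,` would keep the two failures distinguishable during triage. The second hunk also replaces the blank line that separated the last entry from the `// Reason codes 0xA0 - 0xEF reserved` comment; keeping a blank line after the new entry and adding a one-line comment such as `// ECID count in secure header exceeds the supported maximum` would keep the enum readable. Both enums start and end outside the hunks.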