]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix potential overflow for SetVariable interface
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / VariableSmmRuntimeDxe.c
1 /** @file
2 Implement all four UEFI Runtime Variable services for the nonvolatile
3 and volatile storage space and install variable architecture protocol
4 based on SMM variable module.
5
6 Caution: This module requires additional review when modified.
7 This driver will have external input - variable data.
8 This external input must be validated carefully to avoid security issue like
9 buffer overflow, integer overflow.
10
11 RuntimeServiceGetVariable() and RuntimeServiceSetVariable() are external API
12 to receive data buffer. The size should be checked carefully.
13
14 InitCommunicateBuffer() is really function to check the variable data size.
15
16 Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
17 This program and the accompanying materials
18 are licensed and made available under the terms and conditions of the BSD License
19 which accompanies this distribution. The full text of the license may be found at
20 http://opensource.org/licenses/bsd-license.php
21
22 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
23 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
24
25 **/
26
27 #include <PiDxe.h>
28 #include <Protocol/VariableWrite.h>
29 #include <Protocol/Variable.h>
30 #include <Protocol/SmmCommunication.h>
31 #include <Protocol/SmmVariable.h>
32
33 #include <Library/UefiBootServicesTableLib.h>
34 #include <Library/UefiRuntimeServicesTableLib.h>
35 #include <Library/MemoryAllocationLib.h>
36 #include <Library/UefiDriverEntryPoint.h>
37 #include <Library/UefiRuntimeLib.h>
38 #include <Library/BaseMemoryLib.h>
39 #include <Library/DebugLib.h>
40 #include <Library/PcdLib.h>
41 #include <Library/UefiLib.h>
42 #include <Library/BaseLib.h>
43
44 #include <Guid/EventGroup.h>
45 #include <Guid/AuthenticatedVariableFormat.h>
46 #include <Guid/SmmVariableCommon.h>
47
48 EFI_HANDLE mHandle = NULL;
49 EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable = NULL;
50 EFI_EVENT mVirtualAddressChangeEvent = NULL;
51 EFI_SMM_COMMUNICATION_PROTOCOL *mSmmCommunication = NULL;
52 UINT8 *mVariableBuffer = NULL;
53 UINT8 *mVariableBufferPhysical = NULL;
54 UINTN mVariableBufferSize;
55 EFI_LOCK mVariableServicesLock;
56
57 /**
58 Acquires lock only at boot time. Simply returns at runtime.
59
60 This is a temperary function that will be removed when
61 EfiAcquireLock() in UefiLib can handle the call in UEFI
62 Runtimer driver in RT phase.
63 It calls EfiAcquireLock() at boot time, and simply returns
64 at runtime.
65
66 @param Lock A pointer to the lock to acquire.
67
68 **/
69 VOID
70 AcquireLockOnlyAtBootTime (
71 IN EFI_LOCK *Lock
72 )
73 {
74 if (!EfiAtRuntime ()) {
75 EfiAcquireLock (Lock);
76 }
77 }
78
79 /**
80 Releases lock only at boot time. Simply returns at runtime.
81
82 This is a temperary function which will be removed when
83 EfiReleaseLock() in UefiLib can handle the call in UEFI
84 Runtimer driver in RT phase.
85 It calls EfiReleaseLock() at boot time and simply returns
86 at runtime.
87
88 @param Lock A pointer to the lock to release.
89
90 **/
91 VOID
92 ReleaseLockOnlyAtBootTime (
93 IN EFI_LOCK *Lock
94 )
95 {
96 if (!EfiAtRuntime ()) {
97 EfiReleaseLock (Lock);
98 }
99 }
100
101 /**
102 Initialize the communicate buffer using DataSize and Function.
103
104 The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE +
105 DataSize.
106
107 Caution: This function may receive untrusted input.
108 The data size external input, so this function will validate it carefully to avoid buffer overflow.
109
110 @param[out] DataPtr Points to the data in the communicate buffer.
111 @param[in] DataSize The data size to send to SMM.
112 @param[in] Function The function number to initialize the communicate header.
113
114 @retval EFI_INVALID_PARAMETER The data size is too big.
115 @retval EFI_SUCCESS Find the specified variable.
116
117 **/
118 EFI_STATUS
119 InitCommunicateBuffer (
120 OUT VOID **DataPtr OPTIONAL,
121 IN UINTN DataSize,
122 IN UINTN Function
123 )
124 {
125 EFI_SMM_COMMUNICATE_HEADER *SmmCommunicateHeader;
126 SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
127
128
129 if (DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE > mVariableBufferSize) {
130 return EFI_INVALID_PARAMETER;
131 }
132
133 SmmCommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *) mVariableBuffer;
134 CopyGuid (&SmmCommunicateHeader->HeaderGuid, &gEfiSmmVariableProtocolGuid);
135 SmmCommunicateHeader->MessageLength = DataSize + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
136
137 SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *) SmmCommunicateHeader->Data;
138 SmmVariableFunctionHeader->Function = Function;
139 if (DataPtr != NULL) {
140 *DataPtr = SmmVariableFunctionHeader->Data;
141 }
142
143 return EFI_SUCCESS;
144 }
145
146
147 /**
148 Send the data in communicate buffer to SMM.
149
150 @param[in] DataSize This size of the function header and the data.
151
152 @retval EFI_SUCCESS Success is returned from the functin in SMM.
153 @retval Others Failure is returned from the function in SMM.
154
155 **/
156 EFI_STATUS
157 SendCommunicateBuffer (
158 IN UINTN DataSize
159 )
160 {
161 EFI_STATUS Status;
162 UINTN CommSize;
163 EFI_SMM_COMMUNICATE_HEADER *SmmCommunicateHeader;
164 SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
165
166 CommSize = DataSize + SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
167 Status = mSmmCommunication->Communicate (mSmmCommunication, mVariableBufferPhysical, &CommSize);
168 ASSERT_EFI_ERROR (Status);
169
170 SmmCommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *) mVariableBuffer;
171 SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)SmmCommunicateHeader->Data;
172 return SmmVariableFunctionHeader->ReturnStatus;
173 }
174
175
176 /**
177 This code finds variable in storage blocks (Volatile or Non-Volatile).
178
179 Caution: This function may receive untrusted input.
180 The data size is external input, so this function will validate it carefully to avoid buffer overflow.
181
182 @param[in] VariableName Name of Variable to be found.
183 @param[in] VendorGuid Variable vendor GUID.
184 @param[out] Attributes Attribute value of the variable found.
185 @param[in, out] DataSize Size of Data found. If size is less than the
186 data, this value contains the required size.
187 @param[out] Data Data pointer.
188
189 @retval EFI_INVALID_PARAMETER Invalid parameter.
190 @retval EFI_SUCCESS Find the specified variable.
191 @retval EFI_NOT_FOUND Not found.
192 @retval EFI_BUFFER_TO_SMALL DataSize is too small for the result.
193
194 **/
195 EFI_STATUS
196 EFIAPI
197 RuntimeServiceGetVariable (
198 IN CHAR16 *VariableName,
199 IN EFI_GUID *VendorGuid,
200 OUT UINT32 *Attributes OPTIONAL,
201 IN OUT UINTN *DataSize,
202 OUT VOID *Data
203 )
204 {
205 EFI_STATUS Status;
206 UINTN PayloadSize;
207 SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
208 UINTN SmmCommBufPayloadSize;
209 UINTN TempDataSize;
210
211 if (VariableName == NULL || VendorGuid == NULL || DataSize == NULL) {
212 return EFI_INVALID_PARAMETER;
213 }
214
215 if ((*DataSize != 0) && (Data == NULL)) {
216 return EFI_INVALID_PARAMETER;
217 }
218
219 //
220 // SMM Communication Buffer max payload size
221 //
222 SmmCommBufPayloadSize = mVariableBufferSize - (SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE);
223 TempDataSize = *DataSize;
224
225 //
226 // If VariableName exceeds SMM payload limit. Return failure
227 //
228 if (StrSize (VariableName) > SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
229 return EFI_INVALID_PARAMETER;
230 }
231
232 AcquireLockOnlyAtBootTime(&mVariableServicesLock);
233
234 //
235 // Init the communicate buffer. The buffer data size is:
236 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
237 //
238 if (TempDataSize > SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - StrSize (VariableName)) {
239 //
240 // If output data buffer exceed SMM payload limit. Trim output buffer to SMM payload size
241 //
242 TempDataSize = SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - StrSize (VariableName);
243 }
244 PayloadSize = OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + StrSize (VariableName) + TempDataSize;
245
246 Status = InitCommunicateBuffer ((VOID **)&SmmVariableHeader, PayloadSize, SMM_VARIABLE_FUNCTION_GET_VARIABLE);
247 if (EFI_ERROR (Status)) {
248 goto Done;
249 }
250 ASSERT (SmmVariableHeader != NULL);
251
252 CopyGuid (&SmmVariableHeader->Guid, VendorGuid);
253 SmmVariableHeader->DataSize = TempDataSize;
254 SmmVariableHeader->NameSize = StrSize (VariableName);
255 if (Attributes == NULL) {
256 SmmVariableHeader->Attributes = 0;
257 } else {
258 SmmVariableHeader->Attributes = *Attributes;
259 }
260 CopyMem (SmmVariableHeader->Name, VariableName, SmmVariableHeader->NameSize);
261
262 //
263 // Send data to SMM.
264 //
265 Status = SendCommunicateBuffer (PayloadSize);
266
267 //
268 // Get data from SMM.
269 //
270 if (Status == EFI_SUCCESS || Status == EFI_BUFFER_TOO_SMALL) {
271 //
272 // SMM CommBuffer DataSize can be a trimed value
273 // Only update DataSize when needed
274 //
275 *DataSize = SmmVariableHeader->DataSize;
276 }
277 if (Attributes != NULL) {
278 *Attributes = SmmVariableHeader->Attributes;
279 }
280
281 if (EFI_ERROR (Status)) {
282 goto Done;
283 }
284
285 CopyMem (Data, (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize, SmmVariableHeader->DataSize);
286
287 Done:
288 ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
289 return Status;
290 }
291
292
293 /**
294 This code Finds the Next available variable.
295
296 @param[in, out] VariableNameSize Size of the variable name.
297 @param[in, out] VariableName Pointer to variable name.
298 @param[in, out] VendorGuid Variable Vendor Guid.
299
300 @retval EFI_INVALID_PARAMETER Invalid parameter.
301 @retval EFI_SUCCESS Find the specified variable.
302 @retval EFI_NOT_FOUND Not found.
303 @retval EFI_BUFFER_TO_SMALL DataSize is too small for the result.
304
305 **/
306 EFI_STATUS
307 EFIAPI
308 RuntimeServiceGetNextVariableName (
309 IN OUT UINTN *VariableNameSize,
310 IN OUT CHAR16 *VariableName,
311 IN OUT EFI_GUID *VendorGuid
312 )
313 {
314 EFI_STATUS Status;
315 UINTN PayloadSize;
316 SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *SmmGetNextVariableName;
317 UINTN SmmCommBufPayloadSize;
318
319 if (VariableNameSize == NULL || VariableName == NULL || VendorGuid == NULL) {
320 return EFI_INVALID_PARAMETER;
321 }
322
323 //
324 // SMM Communication Buffer max payload size
325 //
326 SmmCommBufPayloadSize = mVariableBufferSize - (SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE);
327
328 //
329 // If input string exceeds SMM payload limit. Return failure
330 //
331 if (StrSize (VariableName) > SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
332 return EFI_INVALID_PARAMETER;
333 }
334
335 AcquireLockOnlyAtBootTime(&mVariableServicesLock);
336
337 //
338 // Init the communicate buffer. The buffer data size is:
339 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
340 //
341 if (*VariableNameSize > SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
342 //
343 // If output buffer exceed SMM payload limit. Trim output buffer to SMM payload size
344 //
345 *VariableNameSize = SmmCommBufPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name);
346 }
347 //
348 // Payload should be Guid + NameSize + MAX of Input & Output buffer
349 //
350 PayloadSize = OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + MAX (*VariableNameSize, StrSize (VariableName));
351
352 Status = InitCommunicateBuffer ((VOID **)&SmmGetNextVariableName, PayloadSize, SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME);
353 if (EFI_ERROR (Status)) {
354 goto Done;
355 }
356 ASSERT (SmmGetNextVariableName != NULL);
357
358 //
359 // SMM comm buffer->NameSize is buffer size for return string
360 //
361 SmmGetNextVariableName->NameSize = *VariableNameSize;
362
363 CopyGuid (&SmmGetNextVariableName->Guid, VendorGuid);
364 //
365 // Copy whole string
366 //
367 CopyMem (SmmGetNextVariableName->Name, VariableName, StrSize (VariableName));
368
369 //
370 // Send data to SMM
371 //
372 Status = SendCommunicateBuffer (PayloadSize);
373
374 //
375 // Get data from SMM.
376 //
377 *VariableNameSize = SmmGetNextVariableName->NameSize;
378 if (EFI_ERROR (Status)) {
379 goto Done;
380 }
381
382 CopyGuid (VendorGuid, &SmmGetNextVariableName->Guid);
383 CopyMem (VariableName, SmmGetNextVariableName->Name, SmmGetNextVariableName->NameSize);
384
385 Done:
386 ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
387 return Status;
388 }
389
390 /**
391 This code sets variable in storage blocks (Volatile or Non-Volatile).
392
393 Caution: This function may receive untrusted input.
394 The data size and data are external input, so this function will validate it carefully to avoid buffer overflow.
395
396 @param[in] VariableName Name of Variable to be found.
397 @param[in] VendorGuid Variable vendor GUID.
398 @param[in] Attributes Attribute value of the variable found
399 @param[in] DataSize Size of Data found. If size is less than the
400 data, this value contains the required size.
401 @param[in] Data Data pointer.
402
403 @retval EFI_INVALID_PARAMETER Invalid parameter.
404 @retval EFI_SUCCESS Set successfully.
405 @retval EFI_OUT_OF_RESOURCES Resource not enough to set variable.
406 @retval EFI_NOT_FOUND Not found.
407 @retval EFI_WRITE_PROTECTED Variable is read-only.
408
409 **/
410 EFI_STATUS
411 EFIAPI
412 RuntimeServiceSetVariable (
413 IN CHAR16 *VariableName,
414 IN EFI_GUID *VendorGuid,
415 IN UINT32 Attributes,
416 IN UINTN DataSize,
417 IN VOID *Data
418 )
419 {
420 EFI_STATUS Status;
421 UINTN PayloadSize;
422 SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
423
424 //
425 // Check input parameters.
426 //
427 if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {
428 return EFI_INVALID_PARAMETER;
429 }
430
431 if (DataSize != 0 && Data == NULL) {
432 return EFI_INVALID_PARAMETER;
433 }
434
435 if (DataSize >= mVariableBufferSize) {
436 //
437 // DataSize may be near MAX_ADDRESS incorrectly, this can cause the computed PayLoadSize to
438 // overflow to a small value and pass the check in InitCommunicateBuffer().
439 // To protect against this vulnerability, return EFI_INVALID_PARAMETER if DataSize is >= mVariableBufferSize.
440 // And there will be further check to ensure the total size is also not > mVariableBufferSize.
441 //
442 return EFI_INVALID_PARAMETER;
443 }
444
445 if ((UINTN)(~0) - StrSize (VariableName) < OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + DataSize) {
446 //
447 // Prevent PayloadSize overflow
448 //
449 return EFI_INVALID_PARAMETER;
450 }
451
452 AcquireLockOnlyAtBootTime(&mVariableServicesLock);
453
454 //
455 // Init the communicate buffer. The buffer data size is:
456 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
457 //
458 PayloadSize = OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + StrSize (VariableName) + DataSize;
459 Status = InitCommunicateBuffer ((VOID **)&SmmVariableHeader, PayloadSize, SMM_VARIABLE_FUNCTION_SET_VARIABLE);
460 if (EFI_ERROR (Status)) {
461 goto Done;
462 }
463 ASSERT (SmmVariableHeader != NULL);
464
465 CopyGuid ((EFI_GUID *) &SmmVariableHeader->Guid, VendorGuid);
466 SmmVariableHeader->DataSize = DataSize;
467 SmmVariableHeader->NameSize = StrSize (VariableName);
468 SmmVariableHeader->Attributes = Attributes;
469 CopyMem (SmmVariableHeader->Name, VariableName, SmmVariableHeader->NameSize);
470 CopyMem ((UINT8 *) SmmVariableHeader->Name + SmmVariableHeader->NameSize, Data, DataSize);
471
472 //
473 // Send data to SMM.
474 //
475 Status = SendCommunicateBuffer (PayloadSize);
476
477 Done:
478 ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
479 return Status;
480 }
481
482
483 /**
484 This code returns information about the EFI variables.
485
486 @param[in] Attributes Attributes bitmask to specify the type of variables
487 on which to return information.
488 @param[out] MaximumVariableStorageSize Pointer to the maximum size of the storage space available
489 for the EFI variables associated with the attributes specified.
490 @param[out] RemainingVariableStorageSize Pointer to the remaining size of the storage space available
491 for EFI variables associated with the attributes specified.
492 @param[out] MaximumVariableSize Pointer to the maximum size of an individual EFI variables
493 associated with the attributes specified.
494
495 @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied.
496 @retval EFI_SUCCESS Query successfully.
497 @retval EFI_UNSUPPORTED The attribute is not supported on this platform.
498
499 **/
500 EFI_STATUS
501 EFIAPI
502 RuntimeServiceQueryVariableInfo (
503 IN UINT32 Attributes,
504 OUT UINT64 *MaximumVariableStorageSize,
505 OUT UINT64 *RemainingVariableStorageSize,
506 OUT UINT64 *MaximumVariableSize
507 )
508 {
509 EFI_STATUS Status;
510 UINTN PayloadSize;
511 SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *SmmQueryVariableInfo;
512
513 if(MaximumVariableStorageSize == NULL || RemainingVariableStorageSize == NULL || MaximumVariableSize == NULL || Attributes == 0) {
514 return EFI_INVALID_PARAMETER;
515 }
516
517 AcquireLockOnlyAtBootTime(&mVariableServicesLock);
518
519 //
520 // Init the communicate buffer. The buffer data size is:
521 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize;
522 //
523 PayloadSize = sizeof (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO);
524 Status = InitCommunicateBuffer ((VOID **)&SmmQueryVariableInfo, PayloadSize, SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO);
525 if (EFI_ERROR (Status)) {
526 goto Done;
527 }
528 ASSERT (SmmQueryVariableInfo != NULL);
529
530 SmmQueryVariableInfo->Attributes = Attributes;
531
532 //
533 // Send data to SMM.
534 //
535 Status = SendCommunicateBuffer (PayloadSize);
536 if (EFI_ERROR (Status)) {
537 goto Done;
538 }
539
540 //
541 // Get data from SMM.
542 //
543 *MaximumVariableSize = SmmQueryVariableInfo->MaximumVariableSize;
544 *MaximumVariableStorageSize = SmmQueryVariableInfo->MaximumVariableStorageSize;
545 *RemainingVariableStorageSize = SmmQueryVariableInfo->RemainingVariableStorageSize;
546
547 Done:
548 ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
549 return Status;
550 }
551
552
553 /**
554 Exit Boot Services Event notification handler.
555
556 Notify SMM variable driver about the event.
557
558 @param[in] Event Event whose notification function is being invoked.
559 @param[in] Context Pointer to the notification function's context.
560
561 **/
562 VOID
563 EFIAPI
564 OnExitBootServices (
565 IN EFI_EVENT Event,
566 IN VOID *Context
567 )
568 {
569 //
570 // Init the communicate buffer. The buffer data size is:
571 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
572 //
573 InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE);
574
575 //
576 // Send data to SMM.
577 //
578 SendCommunicateBuffer (0);
579 }
580
581
582 /**
583 On Ready To Boot Services Event notification handler.
584
585 Notify SMM variable driver about the event.
586
587 @param[in] Event Event whose notification function is being invoked
588 @param[in] Context Pointer to the notification function's context
589
590 **/
591 VOID
592 EFIAPI
593 OnReadyToBoot (
594 IN EFI_EVENT Event,
595 IN VOID *Context
596 )
597 {
598 //
599 // Init the communicate buffer. The buffer data size is:
600 // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
601 //
602 InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_READY_TO_BOOT);
603
604 //
605 // Send data to SMM.
606 //
607 SendCommunicateBuffer (0);
608 }
609
610
611 /**
612 Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE.
613
614 This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
615 It convers pointer to new virtual address.
616
617 @param[in] Event Event whose notification function is being invoked.
618 @param[in] Context Pointer to the notification function's context.
619
620 **/
621 VOID
622 EFIAPI
623 VariableAddressChangeEvent (
624 IN EFI_EVENT Event,
625 IN VOID *Context
626 )
627 {
628 EfiConvertPointer (0x0, (VOID **) &mVariableBuffer);
629 EfiConvertPointer (0x0, (VOID **) &mSmmCommunication);
630 }
631
632
633 /**
634 Initialize variable service and install Variable Architectural protocol.
635
636 @param[in] Event Event whose notification function is being invoked.
637 @param[in] Context Pointer to the notification function's context.
638
639 **/
640 VOID
641 EFIAPI
642 SmmVariableReady (
643 IN EFI_EVENT Event,
644 IN VOID *Context
645 )
646 {
647 EFI_STATUS Status;
648
649 Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mSmmVariable);
650 if (EFI_ERROR (Status)) {
651 return;
652 }
653
654 Status = gBS->LocateProtocol (&gEfiSmmCommunicationProtocolGuid, NULL, (VOID **) &mSmmCommunication);
655 ASSERT_EFI_ERROR (Status);
656
657 //
658 // Allocate memory for variable store.
659 //
660 mVariableBufferSize = SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
661 mVariableBufferSize += MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize));
662 mVariableBuffer = AllocateRuntimePool (mVariableBufferSize);
663 ASSERT (mVariableBuffer != NULL);
664
665 //
666 // Save the buffer physical address used for SMM conmunication.
667 //
668 mVariableBufferPhysical = mVariableBuffer;
669
670 gRT->GetVariable = RuntimeServiceGetVariable;
671 gRT->GetNextVariableName = RuntimeServiceGetNextVariableName;
672 gRT->SetVariable = RuntimeServiceSetVariable;
673 gRT->QueryVariableInfo = RuntimeServiceQueryVariableInfo;
674
675 //
676 // Install the Variable Architectural Protocol on a new handle.
677 //
678 Status = gBS->InstallProtocolInterface (
679 &mHandle,
680 &gEfiVariableArchProtocolGuid,
681 EFI_NATIVE_INTERFACE,
682 NULL
683 );
684 ASSERT_EFI_ERROR (Status);
685 }
686
687
688 /**
689 SMM Non-Volatile variable write service is ready notify event handler.
690
691 @param[in] Event Event whose notification function is being invoked.
692 @param[in] Context Pointer to the notification function's context.
693
694 **/
695 VOID
696 EFIAPI
697 SmmVariableWriteReady (
698 IN EFI_EVENT Event,
699 IN VOID *Context
700 )
701 {
702 EFI_STATUS Status;
703 VOID *ProtocolOps;
704
705 //
706 // Check whether the protocol is installed or not.
707 //
708 Status = gBS->LocateProtocol (&gSmmVariableWriteGuid, NULL, (VOID **) &ProtocolOps);
709 if (EFI_ERROR (Status)) {
710 return;
711 }
712
713 Status = gBS->InstallProtocolInterface (
714 &mHandle,
715 &gEfiVariableWriteArchProtocolGuid,
716 EFI_NATIVE_INTERFACE,
717 NULL
718 );
719 ASSERT_EFI_ERROR (Status);
720 }
721
722
723 /**
724 Variable Driver main entry point. The Variable driver places the 4 EFI
725 runtime services in the EFI System Table and installs arch protocols
726 for variable read and write services being available. It also registers
727 a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.
728
729 @param[in] ImageHandle The firmware allocated handle for the EFI image.
730 @param[in] SystemTable A pointer to the EFI System Table.
731
732 @retval EFI_SUCCESS Variable service successfully initialized.
733
734 **/
735 EFI_STATUS
736 EFIAPI
737 VariableSmmRuntimeInitialize (
738 IN EFI_HANDLE ImageHandle,
739 IN EFI_SYSTEM_TABLE *SystemTable
740 )
741 {
742 VOID *SmmVariableRegistration;
743 VOID *SmmVariableWriteRegistration;
744 EFI_EVENT OnReadyToBootEvent;
745 EFI_EVENT ExitBootServiceEvent;
746
747 EfiInitializeLock (&mVariableServicesLock, TPL_NOTIFY);
748
749 //
750 // Smm variable service is ready
751 //
752 EfiCreateProtocolNotifyEvent (
753 &gEfiSmmVariableProtocolGuid,
754 TPL_CALLBACK,
755 SmmVariableReady,
756 NULL,
757 &SmmVariableRegistration
758 );
759
760 //
761 // Smm Non-Volatile variable write service is ready
762 //
763 EfiCreateProtocolNotifyEvent (
764 &gSmmVariableWriteGuid,
765 TPL_CALLBACK,
766 SmmVariableWriteReady,
767 NULL,
768 &SmmVariableWriteRegistration
769 );
770
771 //
772 // Register the event to reclaim variable for OS usage.
773 //
774 EfiCreateEventReadyToBootEx (
775 TPL_NOTIFY,
776 OnReadyToBoot,
777 NULL,
778 &OnReadyToBootEvent
779 );
780
781 //
782 // Register the event to inform SMM variable that it is at runtime.
783 //
784 gBS->CreateEventEx (
785 EVT_NOTIFY_SIGNAL,
786 TPL_NOTIFY,
787 OnExitBootServices,
788 NULL,
789 &gEfiEventExitBootServicesGuid,
790 &ExitBootServiceEvent
791 );
792
793 //
794 // Register the event to convert the pointer for runtime.
795 //
796 gBS->CreateEventEx (
797 EVT_NOTIFY_SIGNAL,
798 TPL_NOTIFY,
799 VariableAddressChangeEvent,
800 NULL,
801 &gEfiEventVirtualAddressChangeGuid,
802 &mVirtualAddressChangeEvent
803 );
804
805 return EFI_SUCCESS;
806 }
807
EFI Development Kit II mirror for PVE