## @file\r
+# Provides SMM variable service.\r
+#\r
# This module installs SMM variable protocol into SMM protocol database,\r
-# which can be used by SMM driver, and installs SMM variable protocol \r
+# which can be used by SMM driver, and installs SMM variable protocol\r
# into BS protocol database, which can be used to notify the SMM Runtime\r
# Dxe driver that the SMM variable service is ready.\r
-# This module should be used with SMM Runtime DXE module together. The \r
-# SMM Runtime DXE module would install variable arch protocol and variable \r
+# This module should be used with SMM Runtime DXE module together. The\r
+# SMM Runtime DXE module would install variable arch protocol and variable\r
# write arch protocol based on SMM variable module.\r
#\r
# Caution: This module requires additional review when modified.\r
# This driver will have external input - variable data and communicate buffer in SMM mode.\r
-# This external input must be validated carefully to avoid security issue like\r
-# buffer overflow, integer overflow.\r
-#\r
-# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
-# This program and the accompanying materials\r
-# are licensed and made available under the terms and conditions of the BSD License\r
-# which accompanies this distribution. The full text of the license may be found at\r
-# http://opensource.org/licenses/bsd-license.php\r
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+# This external input must be validated carefully to avoid security issues such as\r
+# buffer overflow or integer overflow.\r
+# The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
+# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory\r
+# may not be modified without authorization. If platform fails to protect these resources,\r
+# the authentication service provided in this driver will be broken, and the behavior is undefined.\r
#\r
+# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) Microsoft Corporation.\r
+# SPDX-License-Identifier: BSD-2-Clause-Patent\r
#\r
##\r
\r
[Sources]\r
Reclaim.c\r
Variable.c\r
+ VariableTraditionalMm.c\r
VariableSmm.c\r
+ VariableNonVolatile.c\r
+ VariableNonVolatile.h\r
+ VariableParsing.c\r
+ VariableParsing.h\r
+ VariableRuntimeCache.c\r
+ VariableRuntimeCache.h\r
VarCheck.c\r
Variable.h\r
+ PrivilegePolymorphic.h\r
+ VariableExLib.c\r
+ TcgMorLockSmm.c\r
+ SpeculationBarrierSmm.c\r
+ VariableLockRequestToLock.c\r
\r
[Packages]\r
MdePkg/MdePkg.dec\r
BaseLib\r
SynchronizationLib\r
UefiLib\r
- SmmServicesTableLib\r
+ MmServicesTableLib\r
BaseMemoryLib\r
DebugLib\r
DxeServicesTableLib\r
HobLib\r
PcdLib\r
- DevicePathLib\r
+ SmmMemLib\r
+ AuthVariableLib\r
+ VarCheckLib\r
+ UefiBootServicesTableLib\r
+ VariableFlashInfoLib\r
+ VariablePolicyLib\r
+ VariablePolicyHelperLib\r
+ SafeIntLib\r
\r
[Protocols]\r
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES\r
## PRODUCES\r
## UNDEFINED # SmiHandlerRegister\r
gEfiSmmVariableProtocolGuid\r
- gEfiSmmAccess2ProtocolGuid ## CONSUMES\r
- gEfiSmmEndOfDxeProtocolGuid ## NOTIFY\r
+ gEfiMmEndOfDxeProtocolGuid ## NOTIFY\r
gEdkiiSmmVarCheckProtocolGuid ## PRODUCES\r
+ gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES\r
+ gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES\r
\r
[Guids]\r
- ## PRODUCES ## GUID # Signature of Variable store header\r
- ## CONSUMES ## GUID # Signature of Variable store header\r
+ ## SOMETIMES_CONSUMES ## GUID # Signature of Variable store header\r
+ ## SOMETIMES_PRODUCES ## GUID # Signature of Variable store header\r
## SOMETIMES_CONSUMES ## HOB\r
+ ## SOMETIMES_PRODUCES ## SystemTable\r
+ gEfiAuthenticatedVariableGuid\r
+\r
+ ## SOMETIMES_CONSUMES ## GUID # Signature of Variable store header\r
+ ## SOMETIMES_PRODUCES ## GUID # Signature of Variable store header\r
+ ## SOMETIMES_CONSUMES ## HOB\r
+ ## SOMETIMES_PRODUCES ## SystemTable\r
gEfiVariableGuid\r
+\r
## SOMETIMES_CONSUMES ## Variable:L"PlatformLang"\r
## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"\r
## SOMETIMES_CONSUMES ## Variable:L"Lang"\r
## SOMETIMES_PRODUCES ## Variable:L"Lang"\r
- ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"\r
gEfiGlobalVariableGuid\r
- gSmmVariableWriteGuid ## PRODUCES ## UNDEFINED # Install protocol\r
+\r
+ gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"\r
+ gEfiMemoryOverwriteRequestControlLockGuid ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControlLock"\r
+\r
+ gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol\r
gEfiSystemNvDataFvGuid ## CONSUMES ## GUID\r
- gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"\r
- ## SOMETIMES_CONSUMES ## HOB\r
- gEdkiiFaultTolerantWriteGuid\r
- gEdkiiVarErrorFlagGuid ## CONSUMES ## GUID\r
+ gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB\r
+\r
+ ## SOMETIMES_CONSUMES ## Variable:L"VarErrorFlag"\r
+ ## SOMETIMES_PRODUCES ## Variable:L"VarErrorFlag"\r
+ gEdkiiVarErrorFlagGuid\r
\r
[Pcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES\r
gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize ## CONSUMES\r
gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize ## CONSUMES\r
- \r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvModeEnable ## SOMETIMES_CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved ## SOMETIMES_CONSUMES\r
+\r
[FeaturePcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.\r
- gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.\r
+ gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang\r
\r
[Depex]\r
TRUE\r