## @file\r
-# Component description file for Variable SmmRuntimeDxe module.\r
+# Runtime DXE part corresponding to SMM authenticated variable module.\r
#\r
-# This module is the Runtime DXE part correspond to SMM variable module. It \r
-# installs variable arch protocol and variable write arch protocol and works \r
-# with SMM variable module together. \r
-# Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+# This module installs variable arch protocol and variable write arch protocol to provide\r
+# variable service. This module need work together with SMM authenticated variable module.\r
#\r
-# This program and the accompanying materials\r
-# are licensed and made available under the terms and conditions of the BSD License\r
-# which accompanies this distribution. The full text of the license may be found at\r
-# http://opensource.org/licenses/bsd-license.php\r
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+# Caution: This module requires additional review when modified.\r
+# This driver will have external input - variable data.\r
+# This external input must be validated carefully to avoid security issues such as\r
+# buffer overflow or integer overflow.\r
+# The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
+# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory\r
+# may not be modified without authorization. If platform fails to protect these resources,\r
+# the authentication service provided in this driver will be broken, and the behavior is undefined.\r
#\r
+# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>\r
+# This program and the accompanying materials\r
+# are licensed and made available under the terms and conditions of the BSD License\r
+# which accompanies this distribution. The full text of the license may be found at\r
+# http://opensource.org/licenses/bsd-license.php\r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
#\r
##\r
\r
[Defines]\r
INF_VERSION = 0x00010005\r
BASE_NAME = VariableSmmRuntimeDxe\r
+ MODULE_UNI_FILE = VariableSmmRuntimeDxe.uni\r
FILE_GUID = 9F7DCADE-11EA-448a-A46F-76E003657DD1\r
MODULE_TYPE = DXE_RUNTIME_DRIVER\r
VERSION_STRING = 1.0\r
\r
[Sources]\r
VariableSmmRuntimeDxe.c\r
+ PrivilegePolymorphic.h\r
+ Measurement.c\r
\r
[Packages]\r
MdePkg/MdePkg.dec\r
\r
[LibraryClasses]\r
MemoryAllocationLib\r
- BaseLib \r
+ BaseLib\r
UefiBootServicesTableLib\r
DebugLib\r
UefiRuntimeLib\r
DxeServicesTableLib\r
UefiDriverEntryPoint\r
- PcdLib \r
+ TpmMeasurementLib\r
\r
[Protocols]\r
- gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES\r
- gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES \r
- gEfiSmmCommunicationProtocolGuid\r
+ gEfiVariableWriteArchProtocolGuid ## PRODUCES\r
+ gEfiVariableArchProtocolGuid ## PRODUCES\r
+ gEfiSmmCommunicationProtocolGuid ## CONSUMES\r
+ ## CONSUMES\r
+ ## NOTIFY\r
+ ## UNDEFINED # Used to do smm communication\r
gEfiSmmVariableProtocolGuid\r
+ gEdkiiVariableLockProtocolGuid ## PRODUCES\r
+ gEdkiiVarCheckProtocolGuid ## PRODUCES\r
\r
[Guids]\r
- gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event\r
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event\r
+ gEfiEventExitBootServicesGuid ## CONSUMES ## Event\r
+ ## CONSUMES ## GUID # Locate protocol\r
+ ## CONSUMES ## GUID # Protocol notify\r
gSmmVariableWriteGuid\r
\r
-[Pcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase\r
- \r
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"\r
+ gEfiGlobalVariableGuid\r
+\r
+ ## SOMETIMES_CONSUMES ## Variable:L"db"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"dbx"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"dbt"\r
+ gEfiImageSecurityDatabaseGuid\r
+\r
[Depex]\r
gEfiSmmCommunicationProtocolGuid\r
+\r
+[UserExtensions.TianoCore."ExtraFiles"]\r
+ VariableSmmRuntimeDxeExtra.uni\r