MdeModulePkg Variable: Implement variable quota management.

[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / VariableDxe.c

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
index 949fb64248bf99acdab98e8924e43ec0402122dc..a1352510eba462b318152744b65192dcd74d89dc 100644 (file)
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
@@ -3,7 +3,7 @@
   and volatile storage space and install variable architecture protocol.\r
 \r
 Copyright (C) 2013, Red Hat, Inc.\r
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -23,8 +23,14 @@ EFI_HANDLE                     mHandle                    = NULL;
 EFI_EVENT                      mVirtualAddressChangeEvent = NULL;\r
 EFI_EVENT                      mFtwRegistration           = NULL;\r
 extern LIST_ENTRY              mLockedVariableList;\r
+extern LIST_ENTRY              mVarCheckVariableList;\r
+extern UINT32                  mNumberOfHandler;\r
+extern VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *mHandlerTable;\r
 extern BOOLEAN                 mEndOfDxe;\r
 EDKII_VARIABLE_LOCK_PROTOCOL   mVariableLock              = { VariableLockRequestToLock };\r
+EDKII_VAR_CHECK_PROTOCOL       mVarCheck                  = { VarCheckRegisterSetVariableCheckHandler,\r
+                                                              VarCheckVariablePropertySet,\r
+                                                              VarCheckVariablePropertyGet };\r
 \r
 /**\r
   Return TRUE if ExitBootServices () has been called.\r
@@ -222,9 +228,8 @@ VariableClassAddressChangeEvent (
   IN VOID                                 *Context\r
   )\r
 {\r
-  LIST_ENTRY     *Link;\r
-  VARIABLE_ENTRY *Entry;\r
   EFI_STATUS     Status;\r
+  UINTN          Index;\r
 \r
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetBlockSize);\r
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetPhysicalAddress);\r
@@ -239,27 +244,23 @@ VariableClassAddressChangeEvent (
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLang);\r
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase);\r
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.VolatileVariableBase);\r
+  EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase);\r
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal);\r
   EfiConvertPointer (0x0, (VOID **) &mHashCtx);\r
   EfiConvertPointer (0x0, (VOID **) &mSerializationRuntimeBuffer);\r
   EfiConvertPointer (0x0, (VOID **) &mNvVariableCache);\r
-\r
-  //\r
-  // in the list of locked variables, convert the name pointers first\r
-  //\r
-  for ( Link = GetFirstNode (&mLockedVariableList)\r
-      ; !IsNull (&mLockedVariableList, Link)\r
-      ; Link = GetNextNode (&mLockedVariableList, Link)\r
-      ) {\r
-    Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
-    Status = EfiConvertPointer (0x0, (VOID **) &Entry->Name);\r
-    ASSERT_EFI_ERROR (Status);\r
+  EfiConvertPointer (0x0, (VOID **) &mPubKeyStore);\r
+  EfiConvertPointer (0x0, (VOID **) &mCertDbStore);\r
+  EfiConvertPointer (0x0, (VOID **) &mHandlerTable);\r
+  for (Index = 0; Index < mNumberOfHandler; Index++) {\r
+    EfiConvertPointer (0x0, (VOID **) &mHandlerTable[Index]);\r
   }\r
-  //\r
-  // second, convert the list itself using UefiRuntimeLib\r
-  //\r
+\r
   Status = EfiConvertList (0x0, &mLockedVariableList);\r
   ASSERT_EFI_ERROR (Status);\r
+\r
+  Status = EfiConvertList (0x0, &mVarCheckVariableList);\r
+  ASSERT_EFI_ERROR (Status);\r
 }\r
 \r
 \r
@@ -367,7 +368,7 @@ FtwNotificationEvent (
   //\r
   // Mark the variable storage region of the FLASH as RUNTIME.\r
   //\r
-  VariableStoreBase   = mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase;\r
+  VariableStoreBase   = NvStorageVariableBase + (((EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)(NvStorageVariableBase))->HeaderLength);\r
   VariableStoreLength = ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase)->Size;\r
   BaseAddress = VariableStoreBase & (~EFI_PAGE_MASK);\r
   Length      = VariableStoreLength + (VariableStoreBase - BaseAddress);\r
@@ -375,7 +376,7 @@ FtwNotificationEvent (
 \r
   Status      = gDS->GetMemorySpaceDescriptor (BaseAddress, &GcdDescriptor);\r
   if (EFI_ERROR (Status)) {\r
-    DEBUG ((DEBUG_WARN, "Variable driver failed to add EFI_MEMORY_RUNTIME attribute to Flash.\n"));\r
+    DEBUG ((DEBUG_WARN, "Variable driver failed to get flash memory attribute.\n"));\r
   } else {\r
     Status = gDS->SetMemorySpaceAttributes (\r
                     BaseAddress,\r
@@ -445,6 +446,14 @@ VariableServiceInitialize (
                   );\r
   ASSERT_EFI_ERROR (Status);\r
 \r
+  Status = gBS->InstallMultipleProtocolInterfaces (\r
+                  &mHandle,\r
+                  &gEdkiiVarCheckProtocolGuid,\r
+                  &mVarCheck,\r
+                  NULL\r
+                  );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
   SystemTable->RuntimeServices->GetVariable         = VariableServiceGetVariable;\r
   SystemTable->RuntimeServices->GetNextVariableName = VariableServiceGetNextVariableName;\r
   SystemTable->RuntimeServices->SetVariable         = VariableServiceSetVariable;\r