X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=SecurityPkg%2FVariableAuthenticated%2FRuntimeDxe%2FVariableSmm.inf;h=1987764d803c40802fb12874d7ee3d5eb2c0fc63;hb=36bdec3cd94346c9ccae4df02ae5890409498cf8;hp=5a4082309775db0a356817ab968a168926a86fe6;hpb=a555940b2d4cb525d8c2bfcf16fbaab89157556f;p=mirror_edk2.git diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index 5a40823097..1987764d80 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf @@ -1,20 +1,24 @@ ## @file -# Component description file for SMM Authenticated Variable module. +# Provides SMM authenticated variable service # # This module installs SMM variable protocol into SMM protocol database, # which can be used by SMM driver, and installs SMM variable protocol # into BS protocol database, which can be used to notify the SMM Runtime # Dxe driver that the SMM variable service is ready. # This module should be used with SMM Runtime DXE module together. The -# SMM Runtime DXE module would install variable arch protocol and variable +# SMM Runtime DXE module installs variable arch protocol and variable # write arch protocol based on SMM variable module. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data and communicate buffer in SMM mode. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. +# The whole SMM authentication variable design relies on the integrity of flash part and SMM. +# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory +# may not be modified without authorization. If platform fails to protect these resources, +# the authentication service provided in this driver will be broken, and the behavior is undefined. # -# Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -26,7 +30,8 @@ [Defines] INF_VERSION = 0x00010005 - BASE_NAME = VariableSmm + BASE_NAME = VariableAuthSmm + MODULE_UNI_FILE = VariableAuthSmm.uni FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211 MODULE_TYPE = DXE_SMM_DRIVER VERSION_STRING = 1.0 @@ -69,42 +74,83 @@ HobLib [Protocols] - gEfiSmmFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmVariableProtocolGuid ## ALWAYS_PRODUCES - gEfiSmmFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmAccess2ProtocolGuid ## ALWAYS_CONSUMES - gEfiSmmEndOfDxeProtocolGuid ## ALWAYS_CONSUMES + gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES + gEfiSmmAccess2ProtocolGuid ## CONSUMES + + ## PRODUCES + ## UNDEFINED # SmiHandlerRegister + gEfiSmmVariableProtocolGuid + + ## CONSUMES + ## NOTIFY + gEfiSmmFaultTolerantWriteProtocolGuid + gEfiSmmEndOfDxeProtocolGuid ## NOTIFY [Guids] - gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid - gEfiCertTypeRsa2048Sha256Guid + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + gEfiAuthenticatedVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" + ## SOMETIMES_CONSUMES ## Variable:L"Lang" + ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## CONSUMES ## Variable:L"SecureBoot" + ## PRODUCES ## Variable:L"SecureBoot" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"VendorKeys" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid - gEfiCertX509Guid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid + + ## CONSUMES ## Variable:L"SecureBootEnable" + ## PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## CONSUMES ## Variable:L"CustomMode" + ## PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid - gEfiVendorKeysNvGuid - gEfiSystemNvDataFvGuid ## CONSUMES + + ## CONSUMES ## Variable:L"certdb" + ## PRODUCES ## Variable:L"certdb" gEfiCertDbGuid - gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES - gEdkiiFaultTolerantWriteGuid ## CONSUMES + ## CONSUMES ## Variable:L"VendorKeysNv" + ## PRODUCES ## Variable:L"VendorKeysNv" + gEfiVendorKeysNvGuid + + gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + gEfiSystemNvDataFvGuid ## CONSUMES ## GUID + gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####" + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB + [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize - + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES + [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## SOMETIME_CONSUMES (statistic the information of variable.) + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang [Depex] TRUE - - + +[UserExtensions.TianoCore."ExtraFiles"] + VariableSmmExtra.uni \ No newline at end of file