X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=SecurityPkg%2FVariableAuthenticated%2FRuntimeDxe%2FVariableSmm.inf;h=1987764d803c40802fb12874d7ee3d5eb2c0fc63;hb=36bdec3cd94346c9ccae4df02ae5890409498cf8;hp=5a4082309775db0a356817ab968a168926a86fe6;hpb=a555940b2d4cb525d8c2bfcf16fbaab89157556f;p=mirror_edk2.git

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
index 5a40823097..1987764d80 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
@@ -1,20 +1,24 @@
 ## @file
-#  Component description file for SMM Authenticated Variable module.
+#  Provides SMM authenticated variable service
 #
 #  This module installs SMM variable protocol into SMM protocol database,
 #  which can be used by SMM driver, and installs SMM variable protocol
 #  into BS protocol database, which can be used to notify the SMM Runtime
 #  Dxe driver that the SMM variable service is ready.
 #  This module should be used with SMM Runtime DXE module together. The
-#  SMM Runtime DXE module would install variable arch protocol and variable
+#  SMM Runtime DXE module installs variable arch protocol and variable
 #  write arch protocol based on SMM variable module.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data and communicate buffer in SMM mode.
-#  This external input must be validated carefully to avoid security issue like
-#  buffer overflow, integer overflow.
+#  This external input must be validated carefully to avoid security issues such as 
+#  buffer overflow or integer overflow.
+#    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
+#  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
+#  may not be modified without authorization. If platform fails to protect these resources, 
+#  the authentication service provided in this driver will be broken, and the behavior is undefined.
 #
-# Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -26,7 +30,8 @@
 
 [Defines]
   INF_VERSION                    = 0x00010005
-  BASE_NAME                      = VariableSmm
+  BASE_NAME                      = VariableAuthSmm
+  MODULE_UNI_FILE                = VariableAuthSmm.uni
   FILE_GUID                      = D34BDC5E-968A-40f5-A48C-E594F45AE211
   MODULE_TYPE                    = DXE_SMM_DRIVER
   VERSION_STRING                 = 1.0
@@ -69,42 +74,83 @@
   HobLib
 
 [Protocols]
-  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## SOMETIMES_CONSUMES
-  gEfiSmmVariableProtocolGuid                   ## ALWAYS_PRODUCES
-  gEfiSmmFaultTolerantWriteProtocolGuid         ## SOMETIMES_CONSUMES
-  gEfiSmmAccess2ProtocolGuid                    ## ALWAYS_CONSUMES
-  gEfiSmmEndOfDxeProtocolGuid                   ## ALWAYS_CONSUMES
+  gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES
+  gEfiSmmAccess2ProtocolGuid                    ## CONSUMES
+  
+  ## PRODUCES
+  ## UNDEFINED     # SmiHandlerRegister
+  gEfiSmmVariableProtocolGuid
+  
+  ## CONSUMES
+  ## NOTIFY  
+  gEfiSmmFaultTolerantWriteProtocolGuid
+  gEfiSmmEndOfDxeProtocolGuid              ## NOTIFY
 
 [Guids]
-  gEfiAuthenticatedVariableGuid                 ## PRODUCES ## Configuration Table Guid
-  gEfiGlobalVariableGuid                        ## PRODUCES ## Variable Guid
-  gSmmVariableWriteGuid                         ## PRODUCES ## SMM Variable Write Guid
-  gEfiCertTypeRsa2048Sha256Guid
+  ## PRODUCES             ## GUID # Variable store header
+  ## CONSUMES             ## GUID # Variable store header
+  ## SOMETIMES_CONSUMES   ## HOB
+  gEfiAuthenticatedVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
+  ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
+  ## SOMETIMES_CONSUMES   ## Variable:L"HwErrRecSupport"
+  ## CONSUMES             ## Variable:L"SetupMode"
+  ## PRODUCES             ## Variable:L"SetupMode"
+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"
+  ## SOMETIMES_CONSUMES   ## Variable:L"KEK"
+  ## CONSUMES             ## Variable:L"SecureBoot"
+  ## PRODUCES             ## Variable:L"SecureBoot"
+  ## CONSUMES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"SignatureSupport"
+  ## PRODUCES             ## Variable:L"VendorKeys"
+  gEfiGlobalVariableGuid
+  
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid
-  gEfiCertX509Guid
-  gEfiCertPkcs7Guid
-  gEfiCertRsa2048Guid
+ 
+  ## CONSUMES             ## Variable:L"SecureBootEnable"
+  ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid
+  
+  ## CONSUMES             ## Variable:L"CustomMode"
+  ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid
-  gEfiVendorKeysNvGuid
-  gEfiSystemNvDataFvGuid                        ## CONSUMES
+  
+  ## CONSUMES             ## Variable:L"certdb"
+  ## PRODUCES             ## Variable:L"certdb"
   gEfiCertDbGuid
-  gEfiHardwareErrorVariableGuid                 ## SOMETIMES_CONSUMES
-  gEdkiiFaultTolerantWriteGuid                  ## CONSUMES
 
+  ## CONSUMES             ## Variable:L"VendorKeysNv"
+  ## PRODUCES             ## Variable:L"VendorKeysNv"
+  gEfiVendorKeysNvGuid
+    
+  gSmmVariableWriteGuid                    ## PRODUCES               ## GUID        # Install protocol
+  gEfiCertTypeRsa2048Sha256Guid            ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
+  gEfiCertPkcs7Guid                        ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
+  gEfiCertX509Guid                         ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the type of the signature.
+  gEfiSystemNvDataFvGuid                   ## CONSUMES               ## GUID
+  gEfiHardwareErrorVariableGuid            ## SOMETIMES_CONSUMES     ## Variable:L"HwErrRec####"
+  gEdkiiFaultTolerantWriteGuid             ## SOMETIMES_CONSUMES     ## HOB
+  
 [Pcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
-  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
-  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
-  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
-
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
+  gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
+  
 [FeaturePcd]
-  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics  ## SOMETIME_CONSUMES (statistic the information of variable.)
+  gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
+  gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang
 
 [Depex]
   TRUE
-
-
+  
+[UserExtensions.TianoCore."ExtraFiles"]
+  VariableSmmExtra.uni
\ No newline at end of file