[mirror_edk2.git] / MdeModulePkg / Library / SmmLockBoxLib / SmmLockBoxSmmLib.c

/** @file\r
\r
Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r
\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions\r
of the BSD License which accompanies this distribution.  The\r
full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include <PiSmm.h>\r
#include <Library/SmmServicesTableLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/LockBoxLib.h>\r
#include <Library/DebugLib.h>\r
#include <Guid/SmmLockBox.h>\r
\r
#include "SmmLockBoxLibPrivate.h"\r
\r
/**\r
  We need handle this library carefully. Only one library instance will construct the environment.\r
  Below 2 global variable can only be used in constructor. They should NOT be used in any other library functions.\r
**/\r
SMM_LOCK_BOX_CONTEXT mSmmLockBoxContext;\r
LIST_ENTRY           mLockBoxQueue = INITIALIZE_LIST_HEAD_VARIABLE (mLockBoxQueue);\r
\r
/**\r
  This function return SmmLockBox context from SMST.\r
\r
  @return SmmLockBox context from SMST.\r
**/\r
SMM_LOCK_BOX_CONTEXT *\r
InternalGetSmmLockBoxContext (\r
  VOID\r
  )\r
{\r
  UINTN   Index;\r
\r
  //\r
  // Check if gEfiSmmLockBoxCommunicationGuid is installed by someone\r
  //\r
  for (Index = 0; Index < gSmst->NumberOfTableEntries; Index++) {\r
    if (CompareGuid (&gSmst->SmmConfigurationTable[Index].VendorGuid, &gEfiSmmLockBoxCommunicationGuid)) {\r
      //\r
      // Found. That means some other library instance is already run.\r
      // No need to install again, just return.\r
      //\r
      return (SMM_LOCK_BOX_CONTEXT *)gSmst->SmmConfigurationTable[Index].VendorTable;\r
    }\r
  }\r
\r
  //\r
  // Not found.\r
  //\r
  return NULL;\r
}\r
\r
/**\r
  Constructor for SmmLockBox library.\r
  This is used to set SmmLockBox context, which will be used in PEI phase in S3 boot path later.\r
\r
  @param[in] ImageHandle  Image handle of this driver.\r
  @param[in] SystemTable  A Pointer to the EFI System Table.\r
\r
  @retval EFI_SUCEESS     \r
  @return Others          Some error occurs.\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmLockBoxSmmConstructuor (\r
  IN EFI_HANDLE        ImageHandle,\r
  IN EFI_SYSTEM_TABLE  *SystemTable\r
  )\r
{\r
  EFI_STATUS           Status;\r
  SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Enter\n"));\r
\r
  //\r
  // Check if gEfiSmmLockBoxCommunicationGuid is installed by someone\r
  //\r
  SmmLockBoxContext = InternalGetSmmLockBoxContext ();\r
  if (SmmLockBoxContext != NULL) {\r
    //\r
    // Find it. That means some other library instance is already run.\r
    // No need to install again, just return.\r
    //\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - already installed\n"));\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));\r
    return EFI_SUCCESS;\r
  }\r
\r
  //\r
  // If no one install this, it means this is first instance. Install it.\r
  //\r
  if (sizeof(UINTN) == sizeof(UINT64)) {\r
    mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_64;\r
  } else {\r
    mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_32;\r
  }\r
  mSmmLockBoxContext.LockBoxDataAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)&mLockBoxQueue;\r
\r
  Status = gSmst->SmmInstallConfigurationTable (\r
                    gSmst,\r
                    &gEfiSmmLockBoxCommunicationGuid,\r
                    &mSmmLockBoxContext,\r
                    sizeof(mSmmLockBoxContext)\r
                    );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - %x\n", (UINTN)&mSmmLockBoxContext));\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib LockBoxDataAddress - %x\n", (UINTN)&mLockBoxQueue));\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));\r
\r
  return Status;\r
}\r
\r
/**\r
  This function return SmmLockBox queue address.\r
\r
  @return SmmLockBox queue address.\r
**/\r
LIST_ENTRY *\r
InternalGetLockBoxQueue (\r
  VOID\r
  )\r
{\r
  SMM_LOCK_BOX_CONTEXT        *SmmLockBoxContext;\r
\r
  SmmLockBoxContext = InternalGetSmmLockBoxContext ();\r
  ASSERT (SmmLockBoxContext != NULL);\r
  if (SmmLockBoxContext == NULL) {\r
    return NULL;\r
  }\r
  return (LIST_ENTRY *)(UINTN)SmmLockBoxContext->LockBoxDataAddress;\r
}\r
\r
/**\r
  This function find LockBox by GUID.\r
\r
  @param Guid The guid to indentify the LockBox\r
\r
  @return LockBoxData\r
**/\r
SMM_LOCK_BOX_DATA *\r
InternalFindLockBoxByGuid (\r
  IN EFI_GUID   *Guid\r
  )\r
{\r
  LIST_ENTRY                    *Link;\r
  SMM_LOCK_BOX_DATA             *LockBox;\r
  LIST_ENTRY                    *LockBoxQueue;\r
\r
  LockBoxQueue = InternalGetLockBoxQueue ();\r
  ASSERT (LockBoxQueue != NULL);\r
\r
  for (Link = LockBoxQueue->ForwardLink;\r
       Link != LockBoxQueue;\r
       Link = Link->ForwardLink) {\r
    LockBox = BASE_CR (\r
                Link,\r
                SMM_LOCK_BOX_DATA,\r
                Link\r
                );\r
    if (CompareGuid (&LockBox->Guid, Guid)) {\r
      return LockBox;\r
    }\r
  }\r
  return NULL;\r
}\r
\r
/**\r
  This function will save confidential information to lockbox.\r
\r
  @param Guid       the guid to identify the confidential information\r
  @param Buffer     the address of the confidential information\r
  @param Length     the length of the confidential information\r
\r
  @retval RETURN_SUCCESS            the information is saved successfully.\r
  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or Buffer is NULL, or Length is 0\r
  @retval RETURN_ALREADY_STARTED    the requested GUID already exist.\r
  @retval RETURN_OUT_OF_RESOURCES   no enough resource to save the information.\r
  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface\r
  @retval RETURN_NOT_STARTED        it is too early to invoke this interface\r
  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
SaveLockBox (\r
  IN  GUID                        *Guid,\r
  IN  VOID                        *Buffer,\r
  IN  UINTN                       Length\r
  )\r
{\r
  SMM_LOCK_BOX_DATA           *LockBox;\r
  EFI_PHYSICAL_ADDRESS        SmramBuffer;\r
  EFI_STATUS                  Status;\r
  LIST_ENTRY                  *LockBoxQueue;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Enter\n"));\r
\r
  //\r
  // Basic check\r
  //\r
  if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Find LockBox\r
  //\r
  LockBox = InternalFindLockBoxByGuid (Guid);\r
  if (LockBox != NULL) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_ALREADY_STARTED));\r
    return EFI_ALREADY_STARTED;\r
  }\r
\r
  //\r
  // Allocate SMRAM buffer\r
  //\r
  Status = gSmst->SmmAllocatePages (\r
                    AllocateAnyPages,\r
                    EfiRuntimeServicesData,\r
                    EFI_SIZE_TO_PAGES (Length),\r
                    &SmramBuffer\r
                    );\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));\r
    return EFI_OUT_OF_RESOURCES;\r
  }\r
\r
  //\r
  // Allocate LockBox\r
  //\r
  Status = gSmst->SmmAllocatePool (\r
                    EfiRuntimeServicesData,\r
                    sizeof(*LockBox),\r
                    (VOID **)&LockBox\r
                    );\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    gSmst->SmmFreePages (SmramBuffer, EFI_SIZE_TO_PAGES (Length));\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));\r
    return EFI_OUT_OF_RESOURCES;\r
  }\r
\r
  //\r
  // Save data\r
  //\r
  CopyMem ((VOID *)(UINTN)SmramBuffer, (VOID *)(UINTN)Buffer, Length);\r
\r
  //\r
  // Insert LockBox to queue\r
  //\r
  LockBox->Signature   = SMM_LOCK_BOX_DATA_SIGNATURE;\r
  CopyMem (&LockBox->Guid, Guid, sizeof(EFI_GUID));\r
  LockBox->Buffer      = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;\r
  LockBox->Length      = (UINT64)Length;\r
  LockBox->Attributes  = 0;\r
  LockBox->SmramBuffer = SmramBuffer;\r
  \r
  LockBoxQueue = InternalGetLockBoxQueue ();\r
  ASSERT (LockBoxQueue != NULL);\r
  InsertTailList (LockBoxQueue, &LockBox->Link);\r
\r
  //\r
  // Done\r
  //\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_SUCCESS));\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  This function will set lockbox attributes.\r
\r
  @param Guid       the guid to identify the confidential information\r
  @param Attributes the attributes of the lockbox\r
\r
  @retval RETURN_SUCCESS            the information is saved successfully.\r
  @retval RETURN_INVALID_PARAMETER  attributes is invalid.\r
  @retval RETURN_NOT_FOUND          the requested GUID not found.\r
  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface\r
  @retval RETURN_NOT_STARTED        it is too early to invoke this interface\r
  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
SetLockBoxAttributes (\r
  IN  GUID                        *Guid,\r
  IN  UINT64                      Attributes\r
  )\r
{\r
  SMM_LOCK_BOX_DATA              *LockBox;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Enter\n"));\r
\r
  //\r
  // Basic check\r
  //\r
  if ((Guid == NULL) ||\r
      ((Attributes & ~LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0)) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Find LockBox\r
  //\r
  LockBox = InternalFindLockBoxByGuid (Guid);\r
  if (LockBox == NULL) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_NOT_FOUND));\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  //\r
  // Update data\r
  //\r
  LockBox->Attributes = Attributes;\r
\r
  //\r
  // Done\r
  //\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_SUCCESS));\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  This function will update confidential information to lockbox.\r
\r
  @param Guid   the guid to identify the original confidential information\r
  @param Offset the offset of the original confidential information\r
  @param Buffer the address of the updated confidential information\r
  @param Length the length of the updated confidential information\r
\r
  @retval RETURN_SUCCESS            the information is saved successfully.\r
  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or Buffer is NULL, or Length is 0.\r
  @retval RETURN_NOT_FOUND          the requested GUID not found.\r
  @retval RETURN_BUFFER_TOO_SMALL   the original buffer to too small to hold new information.\r
  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface\r
  @retval RETURN_NOT_STARTED        it is too early to invoke this interface\r
  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
UpdateLockBox (\r
  IN  GUID                        *Guid,\r
  IN  UINTN                       Offset,\r
  IN  VOID                        *Buffer,\r
  IN  UINTN                       Length\r
  )\r
{\r
  SMM_LOCK_BOX_DATA             *LockBox;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Enter\n"));\r
\r
  //\r
  // Basic check\r
  //\r
  if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Find LockBox\r
  //\r
  LockBox = InternalFindLockBoxByGuid (Guid);\r
  if (LockBox == NULL) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_NOT_FOUND));\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  //\r
  // Update data\r
  //\r
  if (LockBox->Length < Offset + Length) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));\r
    return EFI_BUFFER_TOO_SMALL;\r
  }\r
  CopyMem ((VOID *)((UINTN)LockBox->SmramBuffer + Offset), Buffer, Length);\r
\r
  //\r
  // Done\r
  //\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_SUCCESS));\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  This function will restore confidential information from lockbox.\r
\r
  @param Guid   the guid to identify the confidential information\r
  @param Buffer the address of the restored confidential information\r
                NULL means restored to original address, Length MUST be NULL at same time.\r
  @param Length the length of the restored confidential information\r
\r
  @retval RETURN_SUCCESS            the information is restored successfully.\r
  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or one of Buffer and Length is NULL.\r
  @retval RETURN_WRITE_PROTECTED    Buffer and Length are NULL, but the LockBox has no \r
                                    LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.\r
  @retval RETURN_BUFFER_TOO_SMALL   the Length is too small to hold the confidential information.\r
  @retval RETURN_NOT_FOUND          the requested GUID not found.\r
  @retval RETURN_NOT_STARTED        it is too early to invoke this interface\r
  @retval RETURN_ACCESS_DENIED      not allow to restore to the address\r
  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
RestoreLockBox (\r
  IN  GUID                        *Guid,\r
  IN  VOID                        *Buffer, OPTIONAL\r
  IN  OUT UINTN                   *Length  OPTIONAL\r
  )\r
{\r
  SMM_LOCK_BOX_DATA              *LockBox;\r
  VOID                           *RestoreBuffer;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Enter\n"));\r
\r
  //\r
  // Restore this, Buffer and Length MUST be both NULL or both non-NULL\r
  //\r
  if ((Guid == NULL) ||\r
      ((Buffer == NULL) && (Length != NULL)) ||\r
      ((Buffer != NULL) && (Length == NULL))) {\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  //\r
  // Find LockBox\r
  //\r
  LockBox = InternalFindLockBoxByGuid (Guid);\r
  if (LockBox == NULL) {\r
    //\r
    // Not found\r
    //\r
    DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_NOT_FOUND));\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  //\r
  // Set RestoreBuffer\r
  //\r
  if (Buffer != NULL) {\r
    //\r
    // restore to new buffer\r
    //\r
    RestoreBuffer = Buffer;\r
  } else {\r
    //\r
    // restore to original buffer\r
    //\r
    if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) == 0) {\r
      DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_WRITE_PROTECTED));\r
      return EFI_WRITE_PROTECTED;\r
    }\r
    RestoreBuffer = (VOID *)(UINTN)LockBox->Buffer;\r
  }\r
\r
  //\r
  // Set RestoreLength\r
  //\r
  if (Length != NULL) {\r
    if (*Length < (UINTN)LockBox->Length) {\r
      //\r
      // Input buffer is too small to hold all data.\r
      //\r
      *Length = (UINTN)LockBox->Length;\r
      DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));\r
      return EFI_BUFFER_TOO_SMALL;\r
    }\r
    *Length = (UINTN)LockBox->Length;\r
  }\r
\r
  //\r
  // Restore data\r
  //\r
  CopyMem (RestoreBuffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);\r
\r
  //\r
  // Done\r
  //\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_SUCCESS));\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  This function will restore confidential information from all lockbox which have RestoreInPlace attribute.\r
\r
  @retval RETURN_SUCCESS            the information is restored successfully.\r
  @retval RETURN_NOT_STARTED        it is too early to invoke this interface\r
  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.\r
**/\r
RETURN_STATUS\r
EFIAPI\r
RestoreAllLockBoxInPlace (\r
  VOID\r
  )\r
{\r
  SMM_LOCK_BOX_DATA             *LockBox;\r
  LIST_ENTRY                    *Link;\r
  LIST_ENTRY                    *LockBoxQueue;\r
\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Enter\n"));\r
\r
  LockBoxQueue = InternalGetLockBoxQueue ();\r
  ASSERT (LockBoxQueue != NULL);\r
\r
  //\r
  // Restore all, Buffer and Length MUST be NULL\r
  //\r
  for (Link = LockBoxQueue->ForwardLink;\r
       Link != LockBoxQueue;\r
       Link = Link->ForwardLink) {\r
    LockBox = BASE_CR (\r
                Link,\r
                SMM_LOCK_BOX_DATA,\r
                Link\r
                );\r
    if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0) {\r
      //\r
      // Restore data\r
      //\r
      CopyMem ((VOID *)(UINTN)LockBox->Buffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);\r
    }\r
  }\r
  //\r
  // Done\r
  //\r
  DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Exit (%r)\n", EFI_SUCCESS));\r
  return EFI_SUCCESS;\r
}\r
\r
Commit	Line	Data
1c837cd5	1	/** @file\r
1c837cd5	2	\r
a0d74d00	3	Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r
1c837cd5	4	\r
	5	This program and the accompanying materials\r
	6	are licensed and made available under the terms and conditions\r
	7	of the BSD License which accompanies this distribution. The\r
	8	full text of the license may be found at\r
	9	http://opensource.org/licenses/bsd-license.php\r
	10	\r
	11	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	12	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	13	\r
	14	**/\r
	15	\r
	16	#include <PiSmm.h>\r
	17	#include <Library/SmmServicesTableLib.h>\r
	18	#include <Library/BaseLib.h>\r
	19	#include <Library/BaseMemoryLib.h>\r
	20	#include <Library/LockBoxLib.h>\r
	21	#include <Library/DebugLib.h>\r
	22	#include <Guid/SmmLockBox.h>\r
	23	\r
	24	#include "SmmLockBoxLibPrivate.h"\r
	25	\r
	26	/**\r
	27	We need handle this library carefully. Only one library instance will construct the environment.\r
	28	Below 2 global variable can only be used in constructor. They should NOT be used in any other library functions.\r
	29	**/\r
	30	SMM_LOCK_BOX_CONTEXT mSmmLockBoxContext;\r
	31	LIST_ENTRY mLockBoxQueue = INITIALIZE_LIST_HEAD_VARIABLE (mLockBoxQueue);\r
	32	\r
	33	/**\r
	34	This function return SmmLockBox context from SMST.\r
	35	\r
	36	@return SmmLockBox context from SMST.\r
	37	**/\r
	38	SMM_LOCK_BOX_CONTEXT *\r
	39	InternalGetSmmLockBoxContext (\r
	40	VOID\r
	41	)\r
	42	{\r
	43	UINTN Index;\r
	44	\r
	45	//\r
	46	// Check if gEfiSmmLockBoxCommunicationGuid is installed by someone\r
	47	//\r
	48	for (Index = 0; Index < gSmst->NumberOfTableEntries; Index++) {\r
	49	if (CompareGuid (&gSmst->SmmConfigurationTable[Index].VendorGuid, &gEfiSmmLockBoxCommunicationGuid)) {\r
	50	//\r
	51	// Found. That means some other library instance is already run.\r
	52	// No need to install again, just return.\r
	53	//\r
	54	return (SMM_LOCK_BOX_CONTEXT *)gSmst->SmmConfigurationTable[Index].VendorTable;\r
	55	}\r
	56	}\r
	57	\r
	58	//\r
	59	// Not found.\r
	60	//\r
	61	return NULL;\r
	62	}\r
	63	\r
	64	/**\r
	65	Constructor for SmmLockBox library.\r
	66	This is used to set SmmLockBox context, which will be used in PEI phase in S3 boot path later.\r
	67	\r
68	@param[in] ImageHandle Image handle of this driver.\r
69	@param[in] SystemTable A Pointer to the EFI System Table.\r
70	\r
71	@retval EFI_SUCEESS \r
72	@return Others Some error occurs.\r
73	**/\r
74	EFI_STATUS\r
75	EFIAPI\r
76	SmmLockBoxSmmConstructuor (\r
77	IN EFI_HANDLE ImageHandle,\r
78	IN EFI_SYSTEM_TABLE *SystemTable\r
79	)\r
80	{\r
81	EFI_STATUS Status;\r
82	SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;\r
83	\r
84	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Enter\n"));\r
85	\r
86	//\r
87	// Check if gEfiSmmLockBoxCommunicationGuid is installed by someone\r
88	//\r
89	SmmLockBoxContext = InternalGetSmmLockBoxContext ();\r
90	if (SmmLockBoxContext != NULL) {\r
91	//\r
92	// Find it. That means some other library instance is already run.\r
93	// No need to install again, just return.\r
94	//\r
95	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - already installed\n"));\r
96	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));\r
97	return EFI_SUCCESS;\r
98	}\r
99	\r
100	//\r
101	// If no one install this, it means this is first instance. Install it.\r
102	//\r
103	if (sizeof(UINTN) == sizeof(UINT64)) {\r
104	mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_64;\r
105	} else {\r
106	mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_32;\r
107	}\r
108	mSmmLockBoxContext.LockBoxDataAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)&mLockBoxQueue;\r
109	\r
110	Status = gSmst->SmmInstallConfigurationTable (\r
111	gSmst,\r
112	&gEfiSmmLockBoxCommunicationGuid,\r
113	&mSmmLockBoxContext,\r
114	sizeof(mSmmLockBoxContext)\r
115	);\r
116	ASSERT_EFI_ERROR (Status);\r
117	\r
118	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - %x\n", (UINTN)&mSmmLockBoxContext));\r
119	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib LockBoxDataAddress - %x\n", (UINTN)&mLockBoxQueue));\r
120	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));\r
121	\r
122	return Status;\r
123	}\r
124	\r
125	/**\r
126	This function return SmmLockBox queue address.\r
127	\r
128	@return SmmLockBox queue address.\r
129	**/\r
130	LIST_ENTRY *\r
131	InternalGetLockBoxQueue (\r
132	VOID\r
133	)\r
134	{\r
135	SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;\r
136	\r
137	SmmLockBoxContext = InternalGetSmmLockBoxContext ();\r
138	ASSERT (SmmLockBoxContext != NULL);\r
139	if (SmmLockBoxContext == NULL) {\r
140	return NULL;\r
141	}\r
142	return (LIST_ENTRY *)(UINTN)SmmLockBoxContext->LockBoxDataAddress;\r
143	}\r
144	\r
145	/**\r
146	This function find LockBox by GUID.\r
147	\r
148	@param Guid The guid to indentify the LockBox\r
149	\r
150	@return LockBoxData\r
151	**/\r
152	SMM_LOCK_BOX_DATA *\r
153	InternalFindLockBoxByGuid (\r
154	IN EFI_GUID *Guid\r
155	)\r
156	{\r
157	LIST_ENTRY *Link;\r
158	SMM_LOCK_BOX_DATA *LockBox;\r
159	LIST_ENTRY *LockBoxQueue;\r
160	\r
161	LockBoxQueue = InternalGetLockBoxQueue ();\r
162	ASSERT (LockBoxQueue != NULL);\r
163	\r
164	for (Link = LockBoxQueue->ForwardLink;\r
165	Link != LockBoxQueue;\r
166	Link = Link->ForwardLink) {\r
167	LockBox = BASE_CR (\r
168	Link,\r
169	SMM_LOCK_BOX_DATA,\r
170	Link\r
171	);\r
172	if (CompareGuid (&LockBox->Guid, Guid)) {\r
173	return LockBox;\r
174	}\r
175	}\r
176	return NULL;\r
177	}\r
178	\r
179	/**\r
180	This function will save confidential information to lockbox.\r
181	\r
182	@param Guid the guid to identify the confidential information\r
183	@param Buffer the address of the confidential information\r
184	@param Length the length of the confidential information\r
185	\r
186	@retval RETURN_SUCCESS the information is saved successfully.\r
187	@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0\r
188	@retval RETURN_ALREADY_STARTED the requested GUID already exist.\r
189	@retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.\r
190	@retval RETURN_ACCESS_DENIED it is too late to invoke this interface\r
191	@retval RETURN_NOT_STARTED it is too early to invoke this interface\r
192	@retval RETURN_UNSUPPORTED the service is not supported by implementaion.\r
193	**/\r
194	RETURN_STATUS\r
195	EFIAPI\r
196	SaveLockBox (\r
197	IN GUID *Guid,\r
198	IN VOID *Buffer,\r
199	IN UINTN Length\r
200	)\r
201	{\r
202	SMM_LOCK_BOX_DATA *LockBox;\r
203	EFI_PHYSICAL_ADDRESS SmramBuffer;\r
204	EFI_STATUS Status;\r
205	LIST_ENTRY *LockBoxQueue;\r
206	\r
207	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Enter\n"));\r
208	\r
209	//\r
210	// Basic check\r
211	//\r
212	if ((Guid == NULL) \|\| (Buffer == NULL) \|\| (Length == 0)) {\r
213	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
214	return EFI_INVALID_PARAMETER;\r
215	}\r
216	\r
217	//\r
218	// Find LockBox\r
219	//\r
220	LockBox = InternalFindLockBoxByGuid (Guid);\r
221	if (LockBox != NULL) {\r
222	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_ALREADY_STARTED));\r
223	return EFI_ALREADY_STARTED;\r
224	}\r
225	\r
226	//\r
227	// Allocate SMRAM buffer\r
228	//\r
229	Status = gSmst->SmmAllocatePages (\r
230	AllocateAnyPages,\r
231	EfiRuntimeServicesData,\r
232	EFI_SIZE_TO_PAGES (Length),\r
233	&SmramBuffer\r
234	);\r
235	ASSERT_EFI_ERROR (Status);\r
236	if (EFI_ERROR (Status)) {\r
237	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));\r
238	return EFI_OUT_OF_RESOURCES;\r
239	}\r
240	\r
241	//\r
242	// Allocate LockBox\r
243	//\r
244	Status = gSmst->SmmAllocatePool (\r
245	EfiRuntimeServicesData,\r
246	sizeof(*LockBox),\r
247	(VOID **)&LockBox\r
248	);\r
249	ASSERT_EFI_ERROR (Status);\r
250	if (EFI_ERROR (Status)) {\r
251	gSmst->SmmFreePages (SmramBuffer, EFI_SIZE_TO_PAGES (Length));\r
252	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));\r
253	return EFI_OUT_OF_RESOURCES;\r
254	}\r
255	\r
256	//\r
257	// Save data\r
258	//\r
259	CopyMem ((VOID )(UINTN)SmramBuffer, (VOID )(UINTN)Buffer, Length);\r
260	\r
261	//\r
262	// Insert LockBox to queue\r
263	//\r
264	LockBox->Signature = SMM_LOCK_BOX_DATA_SIGNATURE;\r
265	CopyMem (&LockBox->Guid, Guid, sizeof(EFI_GUID));\r
266	LockBox->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;\r
267	LockBox->Length = (UINT64)Length;\r
05ca95e2	268	LockBox->Attributes = 0;\r
1c837cd5	269	LockBox->SmramBuffer = SmramBuffer;\r
	270	\r
	271	LockBoxQueue = InternalGetLockBoxQueue ();\r
	272	ASSERT (LockBoxQueue != NULL);\r
	273	InsertTailList (LockBoxQueue, &LockBox->Link);\r
	274	\r
	275	//\r
	276	// Done\r
	277	//\r
	278	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_SUCCESS));\r
	279	return EFI_SUCCESS;\r
	280	}\r
	281	\r
	282	/**\r
	283	This function will set lockbox attributes.\r
	284	\r
	285	@param Guid the guid to identify the confidential information\r
	286	@param Attributes the attributes of the lockbox\r
	287	\r
	288	@retval RETURN_SUCCESS the information is saved successfully.\r
	289	@retval RETURN_INVALID_PARAMETER attributes is invalid.\r
	290	@retval RETURN_NOT_FOUND the requested GUID not found.\r
	291	@retval RETURN_ACCESS_DENIED it is too late to invoke this interface\r
	292	@retval RETURN_NOT_STARTED it is too early to invoke this interface\r
	293	@retval RETURN_UNSUPPORTED the service is not supported by implementaion.\r
	294	**/\r
	295	RETURN_STATUS\r
	296	EFIAPI\r
	297	SetLockBoxAttributes (\r
	298	IN GUID *Guid,\r
	299	IN UINT64 Attributes\r
	300	)\r
	301	{\r
	302	SMM_LOCK_BOX_DATA *LockBox;\r
	303	\r
	304	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Enter\n"));\r
	305	\r
	306	//\r
	307	// Basic check\r
	308	//\r
	309	if ((Guid == NULL) \|\|\r
	310	((Attributes & ~LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0)) {\r
	311	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
	312	return EFI_INVALID_PARAMETER;\r
	313	}\r
	314	\r
	315	//\r
	316	// Find LockBox\r
	317	//\r
	318	LockBox = InternalFindLockBoxByGuid (Guid);\r
	319	if (LockBox == NULL) {\r
	320	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_NOT_FOUND));\r
	321	return EFI_NOT_FOUND;\r
	322	}\r
	323	\r
	324	//\r
	325	// Update data\r
	326	//\r
	327	LockBox->Attributes = Attributes;\r
	328	\r
	329	//\r
	330	// Done\r
	331	//\r
	332	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_SUCCESS));\r
333	return EFI_SUCCESS;\r
334	}\r
335	\r
336	/**\r
337	This function will update confidential information to lockbox.\r
338	\r
339	@param Guid the guid to identify the original confidential information\r
340	@param Offset the offset of the original confidential information\r
341	@param Buffer the address of the updated confidential information\r
342	@param Length the length of the updated confidential information\r
343	\r
344	@retval RETURN_SUCCESS the information is saved successfully.\r
345	@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.\r
346	@retval RETURN_NOT_FOUND the requested GUID not found.\r
347	@retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.\r
348	@retval RETURN_ACCESS_DENIED it is too late to invoke this interface\r
349	@retval RETURN_NOT_STARTED it is too early to invoke this interface\r
350	@retval RETURN_UNSUPPORTED the service is not supported by implementaion.\r
351	**/\r
352	RETURN_STATUS\r
353	EFIAPI\r
354	UpdateLockBox (\r
355	IN GUID *Guid,\r
356	IN UINTN Offset,\r
357	IN VOID *Buffer,\r
358	IN UINTN Length\r
359	)\r
360	{\r
361	SMM_LOCK_BOX_DATA *LockBox;\r
362	\r
363	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Enter\n"));\r
364	\r
365	//\r
366	// Basic check\r
367	//\r
368	if ((Guid == NULL) \|\| (Buffer == NULL) \|\| (Length == 0)) {\r
369	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
370	return EFI_INVALID_PARAMETER;\r
371	}\r
372	\r
373	//\r
374	// Find LockBox\r
375	//\r
376	LockBox = InternalFindLockBoxByGuid (Guid);\r
377	if (LockBox == NULL) {\r
378	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_NOT_FOUND));\r
379	return EFI_NOT_FOUND;\r
380	}\r
381	\r
382	//\r
383	// Update data\r
384	//\r
385	if (LockBox->Length < Offset + Length) {\r
386	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));\r
387	return EFI_BUFFER_TOO_SMALL;\r
388	}\r
389	CopyMem ((VOID *)((UINTN)LockBox->SmramBuffer + Offset), Buffer, Length);\r
390	\r
391	//\r
392	// Done\r
393	//\r
394	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_SUCCESS));\r
395	return EFI_SUCCESS;\r
396	}\r
397	\r
398	/**\r
399	This function will restore confidential information from lockbox.\r
400	\r
401	@param Guid the guid to identify the confidential information\r
402	@param Buffer the address of the restored confidential information\r
403	NULL means restored to original address, Length MUST be NULL at same time.\r
404	@param Length the length of the restored confidential information\r
405	\r
406	@retval RETURN_SUCCESS the information is restored successfully.\r
407	@retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.\r
408	@retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no \r
409	LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.\r
410	@retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.\r
411	@retval RETURN_NOT_FOUND the requested GUID not found.\r
412	@retval RETURN_NOT_STARTED it is too early to invoke this interface\r
413	@retval RETURN_ACCESS_DENIED not allow to restore to the address\r
414	@retval RETURN_UNSUPPORTED the service is not supported by implementaion.\r
415	**/\r
416	RETURN_STATUS\r
417	EFIAPI\r
418	RestoreLockBox (\r
419	IN GUID *Guid,\r
420	IN VOID *Buffer, OPTIONAL\r
421	IN OUT UINTN *Length OPTIONAL\r
422	)\r
423	{\r
424	SMM_LOCK_BOX_DATA *LockBox;\r
425	VOID *RestoreBuffer;\r
426	\r
427	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Enter\n"));\r
428	\r
429	//\r
430	// Restore this, Buffer and Length MUST be both NULL or both non-NULL\r
431	//\r
432	if ((Guid == NULL) \|\|\r
433	((Buffer == NULL) && (Length != NULL)) \|\|\r
434	((Buffer != NULL) && (Length == NULL))) {\r
435	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));\r
436	return EFI_INVALID_PARAMETER;\r
437	}\r
438	\r
439	//\r
440	// Find LockBox\r
441	//\r
442	LockBox = InternalFindLockBoxByGuid (Guid);\r
443	if (LockBox == NULL) {\r
444	//\r
445	// Not found\r
446	//\r
447	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_NOT_FOUND));\r
448	return EFI_NOT_FOUND;\r
449	}\r
450	\r
451	//\r
452	// Set RestoreBuffer\r
453	//\r
454	if (Buffer != NULL) {\r
455	//\r
456	// restore to new buffer\r
457	//\r
458	RestoreBuffer = Buffer;\r
459	} else {\r
460	//\r
461	// restore to original buffer\r
462	//\r
463	if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) == 0) {\r
464	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_WRITE_PROTECTED));\r
465	return EFI_WRITE_PROTECTED;\r
466	}\r
467	RestoreBuffer = (VOID *)(UINTN)LockBox->Buffer;\r
468	}\r
469	\r
470	//\r
471	// Set RestoreLength\r
472	//\r
473	if (Length != NULL) {\r
474	if (*Length < (UINTN)LockBox->Length) {\r
475	//\r
476	// Input buffer is too small to hold all data.\r
477	//\r
478	*Length = (UINTN)LockBox->Length;\r
479	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));\r
480	return EFI_BUFFER_TOO_SMALL;\r
481	}\r
482	*Length = (UINTN)LockBox->Length;\r
483	}\r
484	\r
485	//\r
486	// Restore data\r
487	//\r
488	CopyMem (RestoreBuffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);\r
489	\r
490	//\r
491	// Done\r
492	//\r
493	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_SUCCESS));\r
494	return EFI_SUCCESS;\r
495	}\r
496	\r
497	/**\r
498	This function will restore confidential information from all lockbox which have RestoreInPlace attribute.\r
499	\r
500	@retval RETURN_SUCCESS the information is restored successfully.\r
501	@retval RETURN_NOT_STARTED it is too early to invoke this interface\r
502	@retval RETURN_UNSUPPORTED the service is not supported by implementaion.\r
503	**/\r
504	RETURN_STATUS\r
505	EFIAPI\r
506	RestoreAllLockBoxInPlace (\r
507	VOID\r
508	)\r
509	{\r
510	SMM_LOCK_BOX_DATA *LockBox;\r
511	LIST_ENTRY *Link;\r
512	LIST_ENTRY *LockBoxQueue;\r
513	\r
514	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Enter\n"));\r
515	\r
516	LockBoxQueue = InternalGetLockBoxQueue ();\r
517	ASSERT (LockBoxQueue != NULL);\r
518	\r
519	//\r
520	// Restore all, Buffer and Length MUST be NULL\r
521	//\r
522	for (Link = LockBoxQueue->ForwardLink;\r
523	Link != LockBoxQueue;\r
524	Link = Link->ForwardLink) {\r
525	LockBox = BASE_CR (\r
526	Link,\r
527	SMM_LOCK_BOX_DATA,\r
528	Link\r
529	);\r
530	if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0) {\r
531	//\r
532	// Restore data\r
533	//\r
534	CopyMem ((VOID )(UINTN)LockBox->Buffer, (VOID )(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);\r
535	}\r
536	}\r
537	//\r
538	// Done\r
539	//\r
540	DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Exit (%r)\n", EFI_SUCCESS));\r
541	return EFI_SUCCESS;\r
542	}\r
543	\r