[mirror_edk2.git] / MdeModulePkg / Universal / Variable / RuntimeDxe / TcgMorLockDxe.c

/** @file\r
  TCG MOR (Memory Overwrite Request) Lock Control support (DXE version).\r
\r
  This module clears MemoryOverwriteRequestControlLock variable to indicate\r
  MOR lock control unsupported.\r
\r
Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
Copyright (c) Microsoft Corporation.\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <PiDxe.h>\r
#include <Guid/MemoryOverwriteControl.h>\r
#include <IndustryStandard/MemoryOverwriteRequestControlLock.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include "Variable.h"\r
\r
#include <Protocol/VariablePolicy.h>\r
#include <Library/VariablePolicyHelperLib.h>\r
\r
/**\r
  This service is an MOR/MorLock checker handler for the SetVariable().\r
\r
  @param[in]  VariableName the name of the vendor's variable, as a\r
                           Null-Terminated Unicode String\r
  @param[in]  VendorGuid   Unify identifier for vendor.\r
  @param[in]  Attributes   Attributes bitmask to set for the variable.\r
  @param[in]  DataSize     The size in bytes of Data-Buffer.\r
  @param[in]  Data         Point to the content of the variable.\r
\r
  @retval  EFI_SUCCESS            The MOR/MorLock check pass, and Variable\r
                                  driver can store the variable data.\r
  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or\r
                                  attributes is not allowed for MOR variable.\r
  @retval  EFI_ACCESS_DENIED      The MOR/MorLock is locked.\r
  @retval  EFI_ALREADY_STARTED    The MorLock variable is handled inside this\r
                                  function. Variable driver can just return\r
                                  EFI_SUCCESS.\r
**/\r
EFI_STATUS\r
SetVariableCheckHandlerMor (\r
  IN CHAR16     *VariableName,\r
  IN EFI_GUID   *VendorGuid,\r
  IN UINT32     Attributes,\r
  IN UINTN      DataSize,\r
  IN VOID       *Data\r
  )\r
{\r
  //\r
  // Just let it pass. No need provide protection for DXE version.\r
  //\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Initialization for MOR Control Lock.\r
\r
  @retval EFI_SUCCESS     MorLock initialization success.\r
  @return Others          Some error occurs.\r
**/\r
EFI_STATUS\r
MorLockInit (\r
  VOID\r
  )\r
{\r
  //\r
  // Always clear variable to report unsupported to OS.\r
  // The reason is that the DXE version is not proper to provide *protection*.\r
  // BIOS should use SMM version variable driver to provide such capability.\r
  //\r
  VariableServiceSetVariable (\r
    MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r
    &gEfiMemoryOverwriteRequestControlLockGuid,\r
    0,                                          // Attributes\r
    0,                                          // DataSize\r
    NULL                                        // Data\r
    );\r
\r
  //\r
  // The MOR variable can effectively improve platform security only when the\r
  // MorLock variable protects the MOR variable. In turn MorLock cannot be made\r
  // secure without SMM support in the platform firmware (see above).\r
  //\r
  // Thus, delete the MOR variable, should it exist for any reason (some OSes\r
  // are known to create MOR unintentionally, in an attempt to set it), then\r
  // also lock the MOR variable, in order to prevent other modules from\r
  // creating it.\r
  //\r
  VariableServiceSetVariable (\r
    MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
    &gEfiMemoryOverwriteControlDataGuid,\r
    0,                                      // Attributes\r
    0,                                      // DataSize\r
    NULL                                    // Data\r
    );\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Delayed initialization for MOR Control Lock at EndOfDxe.\r
\r
  This function performs any operations queued by MorLockInit().\r
**/\r
VOID\r
MorLockInitAtEndOfDxe (\r
  VOID\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  EDKII_VARIABLE_POLICY_PROTOCOL    *VariablePolicy;\r
\r
  // First, we obviously need to locate the VariablePolicy protocol.\r
  Status = gBS->LocateProtocol( &gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy );\r
  if (EFI_ERROR( Status )) {\r
    DEBUG(( DEBUG_ERROR, "%a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status ));\r
    return;\r
  }\r
\r
  // If we're successful, go ahead and set the policies to protect the target variables.\r
  Status = RegisterBasicVariablePolicy( VariablePolicy,\r
                                        &gEfiMemoryOverwriteRequestControlLockGuid,\r
                                        MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r
                                        VARIABLE_POLICY_NO_MIN_SIZE,\r
                                        VARIABLE_POLICY_NO_MAX_SIZE,\r
                                        VARIABLE_POLICY_NO_MUST_ATTR,\r
                                        VARIABLE_POLICY_NO_CANT_ATTR,\r
                                        VARIABLE_POLICY_TYPE_LOCK_NOW );\r
  if (EFI_ERROR( Status )) {\r
    DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status ));\r
  }\r
  Status = RegisterBasicVariablePolicy( VariablePolicy,\r
                                        &gEfiMemoryOverwriteControlDataGuid,\r
                                        MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
                                        VARIABLE_POLICY_NO_MIN_SIZE,\r
                                        VARIABLE_POLICY_NO_MAX_SIZE,\r
                                        VARIABLE_POLICY_NO_MUST_ATTR,\r
                                        VARIABLE_POLICY_NO_CANT_ATTR,\r
                                        VARIABLE_POLICY_TYPE_LOCK_NOW );\r
  if (EFI_ERROR( Status )) {\r
    DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status ));\r
  }\r
\r
  return;\r
}\r
Commit	Line	Data
a0994dbe JY	1	/** @file\r
	2	TCG MOR (Memory Overwrite Request) Lock Control support (DXE version).\r
	3	\r
	4	This module clears MemoryOverwriteRequestControlLock variable to indicate\r
	5	MOR lock control unsupported.\r
	6	\r
	7	Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>\r
98ee0c68	8	Copyright (c) Microsoft Corporation.\r
9d510e61	9	SPDX-License-Identifier: BSD-2-Clause-Patent\r
a0994dbe JY	10	\r
	11	**/\r
	12	\r
	13	#include <PiDxe.h>\r
	14	#include <Guid/MemoryOverwriteControl.h>\r
	15	#include <IndustryStandard/MemoryOverwriteRequestControlLock.h>\r
	16	#include <Library/DebugLib.h>\r
	17	#include <Library/BaseLib.h>\r
	18	#include <Library/BaseMemoryLib.h>\r
	19	#include "Variable.h"\r
	20	\r
98ee0c68 BB	21	#include <Protocol/VariablePolicy.h>\r
98ee0c68 BB	22	#include <Library/VariablePolicyHelperLib.h>\r
a0994dbe JY	23	\r
	24	/**\r
	25	This service is an MOR/MorLock checker handler for the SetVariable().\r
	26	\r
03877377 LE	27	@param[in] VariableName the name of the vendor's variable, as a\r
	28	Null-Terminated Unicode String\r
	29	@param[in] VendorGuid Unify identifier for vendor.\r
	30	@param[in] Attributes Attributes bitmask to set for the variable.\r
	31	@param[in] DataSize The size in bytes of Data-Buffer.\r
	32	@param[in] Data Point to the content of the variable.\r
a0994dbe	33	\r
03877377 LE	34	@retval EFI_SUCCESS The MOR/MorLock check pass, and Variable\r
	35	driver can store the variable data.\r
	36	@retval EFI_INVALID_PARAMETER The MOR/MorLock data or data size or\r
	37	attributes is not allowed for MOR variable.\r
a0994dbe	38	@retval EFI_ACCESS_DENIED The MOR/MorLock is locked.\r
03877377 LE	39	@retval EFI_ALREADY_STARTED The MorLock variable is handled inside this\r
	40	function. Variable driver can just return\r
	41	EFI_SUCCESS.\r
a0994dbe JY	42	**/\r
	43	EFI_STATUS\r
	44	SetVariableCheckHandlerMor (\r
	45	IN CHAR16 *VariableName,\r
	46	IN EFI_GUID *VendorGuid,\r
	47	IN UINT32 Attributes,\r
	48	IN UINTN DataSize,\r
	49	IN VOID *Data\r
	50	)\r
	51	{\r
	52	//\r
	53	// Just let it pass. No need provide protection for DXE version.\r
	54	//\r
	55	return EFI_SUCCESS;\r
	56	}\r
	57	\r
	58	/**\r
03877377	59	Initialization for MOR Control Lock.\r
a0994dbe	60	\r
03877377	61	@retval EFI_SUCCESS MorLock initialization success.\r
a0994dbe JY	62	@return Others Some error occurs.\r
	63	**/\r
	64	EFI_STATUS\r
	65	MorLockInit (\r
	66	VOID\r
	67	)\r
	68	{\r
	69	//\r
	70	// Always clear variable to report unsupported to OS.\r
	71	// The reason is that the DXE version is not proper to provide protection.\r
	72	// BIOS should use SMM version variable driver to provide such capability.\r
	73	//\r
	74	VariableServiceSetVariable (\r
	75	MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r
	76	&gEfiMemoryOverwriteRequestControlLockGuid,\r
704b71d7 LE	77	0, // Attributes\r
	78	0, // DataSize\r
	79	NULL // Data\r
a0994dbe JY	80	);\r
a0994dbe JY	81	\r
704b71d7 LE	82	//\r
	83	// The MOR variable can effectively improve platform security only when the\r
	84	// MorLock variable protects the MOR variable. In turn MorLock cannot be made\r
	85	// secure without SMM support in the platform firmware (see above).\r
	86	//\r
	87	// Thus, delete the MOR variable, should it exist for any reason (some OSes\r
	88	// are known to create MOR unintentionally, in an attempt to set it), then\r
	89	// also lock the MOR variable, in order to prevent other modules from\r
	90	// creating it.\r
	91	//\r
	92	VariableServiceSetVariable (\r
	93	MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
	94	&gEfiMemoryOverwriteControlDataGuid,\r
	95	0, // Attributes\r
	96	0, // DataSize\r
	97	NULL // Data\r
	98	);\r
704b71d7	99	\r
a0994dbe JY	100	return EFI_SUCCESS;\r
a0994dbe JY	101	}\r
f1304280 LE	102	\r
	103	/**\r
	104	Delayed initialization for MOR Control Lock at EndOfDxe.\r
	105	\r
	106	This function performs any operations queued by MorLockInit().\r
	107	**/\r
	108	VOID\r
	109	MorLockInitAtEndOfDxe (\r
	110	VOID\r
	111	)\r
	112	{\r
98ee0c68 BB	113	EFI_STATUS Status;\r
	114	EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;\r
	115	\r
	116	// First, we obviously need to locate the VariablePolicy protocol.\r
	117	Status = gBS->LocateProtocol( &gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy );\r
	118	if (EFI_ERROR( Status )) {\r
	119	DEBUG(( DEBUG_ERROR, "%a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status ));\r
	120	return;\r
	121	}\r
	122	\r
	123	// If we're successful, go ahead and set the policies to protect the target variables.\r
	124	Status = RegisterBasicVariablePolicy( VariablePolicy,\r
	125	&gEfiMemoryOverwriteRequestControlLockGuid,\r
	126	MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r
	127	VARIABLE_POLICY_NO_MIN_SIZE,\r
	128	VARIABLE_POLICY_NO_MAX_SIZE,\r
	129	VARIABLE_POLICY_NO_MUST_ATTR,\r
	130	VARIABLE_POLICY_NO_CANT_ATTR,\r
	131	VARIABLE_POLICY_TYPE_LOCK_NOW );\r
	132	if (EFI_ERROR( Status )) {\r
	133	DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, Status ));\r
	134	}\r
	135	Status = RegisterBasicVariablePolicy( VariablePolicy,\r
	136	&gEfiMemoryOverwriteControlDataGuid,\r
	137	MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
	138	VARIABLE_POLICY_NO_MIN_SIZE,\r
	139	VARIABLE_POLICY_NO_MAX_SIZE,\r
	140	VARIABLE_POLICY_NO_MUST_ATTR,\r
	141	VARIABLE_POLICY_NO_CANT_ATTR,\r
	142	VARIABLE_POLICY_TYPE_LOCK_NOW );\r
	143	if (EFI_ERROR( Status )) {\r
	144	DEBUG(( DEBUG_ERROR, "%a - Could not lock variable %s! %r\n", __FUNCTION__, MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, Status ));\r
	145	}\r
	146	\r
	147	return;\r
f1304280	148	}\r