[mirror_edk2.git] / MdePkg / Library / SmmMemLib / SmmMemLib.c

/** @file\r
  Instance of SMM memory check library.\r
\r
  SMM memory check library library implementation. This library consumes SMM_ACCESS2_PROTOCOL\r
  to get SMRAM information. In order to use this library instance, the platform should produce\r
  all SMRAM range via SMM_ACCESS2_PROTOCOL, including the range for firmware (like SMM Core\r
  and SMM driver) and/or specific dedicated hardware.\r
\r
  Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>\r
  This program and the accompanying materials\r
  are licensed and made available under the terms and conditions of the BSD License\r
  which accompanies this distribution.  The full text of the license may be found at\r
  http://opensource.org/licenses/bsd-license.php\r
\r
  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
\r
#include <PiSmm.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/SmmServicesTableLib.h>\r
#include <Library/HobLib.h>\r
#include <Protocol/SmmAccess2.h>\r
#include <Protocol/SmmReadyToLock.h>\r
#include <Protocol/SmmEndOfDxe.h>\r
\r
#define NEXT_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \\r
  ((EFI_MEMORY_DESCRIPTOR *)((UINT8 *)(MemoryDescriptor) + (Size)))\r
\r
EFI_SMRAM_DESCRIPTOR *mSmmMemLibInternalSmramRanges;\r
UINTN                mSmmMemLibInternalSmramCount;\r
\r
//\r
// Maximum support address used to check input buffer\r
//\r
EFI_PHYSICAL_ADDRESS  mSmmMemLibInternalMaximumSupportAddress = 0;\r
\r
UINTN                 mMemoryMapEntryCount;\r
EFI_MEMORY_DESCRIPTOR *mMemoryMap;\r
UINTN                 mDescriptorSize;\r
\r
VOID                  *mRegistrationEndOfDxe;\r
VOID                  *mRegistrationReadyToLock;\r
\r
BOOLEAN               mSmmReadyToLock = FALSE;\r
\r
/**\r
  Calculate and save the maximum support address.\r
\r
**/\r
VOID\r
SmmMemLibInternalCalculateMaximumSupportAddress (\r
  VOID\r
  )\r
{\r
  VOID         *Hob;\r
  UINT32       RegEax;\r
  UINT8        PhysicalAddressBits;\r
\r
  //\r
  // Get physical address bits supported.\r
  //\r
  Hob = GetFirstHob (EFI_HOB_TYPE_CPU);\r
  if (Hob != NULL) {\r
    PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;\r
  } else {\r
    AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r
    if (RegEax >= 0x80000008) {\r
      AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);\r
      PhysicalAddressBits = (UINT8) RegEax;\r
    } else {\r
      PhysicalAddressBits = 36;\r
    }\r
  }\r
  //\r
  // IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.\r
  //\r
  ASSERT (PhysicalAddressBits <= 52);\r
  if (PhysicalAddressBits > 48) {\r
    PhysicalAddressBits = 48;\r
  }\r
  \r
  //\r
  // Save the maximum support address in one global variable  \r
  //\r
  mSmmMemLibInternalMaximumSupportAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1);\r
  DEBUG ((EFI_D_INFO, "mSmmMemLibInternalMaximumSupportAddress = 0x%lx\n", mSmmMemLibInternalMaximumSupportAddress));\r
}\r
\r
/**\r
  This function check if the buffer is valid per processor architecture and not overlap with SMRAM.\r
\r
  @param Buffer  The buffer start address to be checked.\r
  @param Length  The buffer length to be checked.\r
\r
  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.\r
  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.\r
**/\r
BOOLEAN\r
EFIAPI\r
SmmIsBufferOutsideSmmValid (\r
  IN EFI_PHYSICAL_ADDRESS  Buffer,\r
  IN UINT64                Length\r
  )\r
{\r
  UINTN  Index;\r
  \r
  //\r
  // Check override.\r
  // NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L:1) is valid.\r
  //\r
  if ((Length > mSmmMemLibInternalMaximumSupportAddress) ||\r
      (Buffer > mSmmMemLibInternalMaximumSupportAddress) ||\r
      ((Length != 0) && (Buffer > (mSmmMemLibInternalMaximumSupportAddress - (Length - 1)))) ) {\r
    //\r
    // Overflow happen\r
    //\r
    DEBUG ((\r
      EFI_D_ERROR,\r
      "SmmIsBufferOutsideSmmValid: Overflow: Buffer (0x%lx) - Length (0x%lx), MaximumSupportAddress (0x%lx)\n",\r
      Buffer,\r
      Length,\r
      mSmmMemLibInternalMaximumSupportAddress\r
      ));\r
    return FALSE;\r
  }\r
  \r
  for (Index = 0; Index < mSmmMemLibInternalSmramCount; Index ++) {\r
    if (((Buffer >= mSmmMemLibInternalSmramRanges[Index].CpuStart) && (Buffer < mSmmMemLibInternalSmramRanges[Index].CpuStart + mSmmMemLibInternalSmramRanges[Index].PhysicalSize)) ||\r
        ((mSmmMemLibInternalSmramRanges[Index].CpuStart >= Buffer) && (mSmmMemLibInternalSmramRanges[Index].CpuStart < Buffer + Length))) {\r
      DEBUG ((\r
        EFI_D_ERROR,\r
        "SmmIsBufferOutsideSmmValid: Overlap: Buffer (0x%lx) - Length (0x%lx), ",\r
        Buffer,\r
        Length\r
        ));\r
      DEBUG ((\r
        EFI_D_ERROR,\r
        "CpuStart (0x%lx) - PhysicalSize (0x%lx)\n",\r
        mSmmMemLibInternalSmramRanges[Index].CpuStart,\r
        mSmmMemLibInternalSmramRanges[Index].PhysicalSize\r
        ));\r
      return FALSE;\r
    }\r
  }\r
\r
  //\r
  // Check override for Valid Communication Region\r
  //\r
  if (mSmmReadyToLock) {\r
    EFI_MEMORY_DESCRIPTOR          *MemoryMap;\r
    BOOLEAN                        InValidCommunicationRegion;\r
    \r
    InValidCommunicationRegion = FALSE;\r
    MemoryMap = mMemoryMap;\r
    for (Index = 0; Index < mMemoryMapEntryCount; Index++) {\r
      if ((Buffer >= MemoryMap->PhysicalStart) &&\r
          (Buffer + Length <= MemoryMap->PhysicalStart + LShiftU64 (MemoryMap->NumberOfPages, EFI_PAGE_SHIFT))) {\r
        InValidCommunicationRegion = TRUE;\r
      }\r
      MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, mDescriptorSize);\r
    }\r
\r
    if (!InValidCommunicationRegion) {\r
      DEBUG ((\r
        EFI_D_ERROR,\r
        "SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buffer (0x%lx) - Length (0x%lx), ",\r
        Buffer,\r
        Length\r
        ));\r
      ASSERT (FALSE);\r
      return FALSE;\r
    }\r
  }\r
  return TRUE;\r
}\r
\r
/**\r
  Copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
\r
  This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
  It checks if source buffer is valid per processor architecture and not overlap with SMRAM.\r
  If the check passes, it copies memory and returns EFI_SUCCESS.\r
  If the check fails, it return EFI_SECURITY_VIOLATION.\r
  The implementation must be reentrant.\r
\r
  @param  DestinationBuffer   The pointer to the destination buffer of the memory copy.\r
  @param  SourceBuffer        The pointer to the source buffer of the memory copy.\r
  @param  Length              The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
\r
  @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with SMRAM.\r
  @retval EFI_SUCCESS            Memory is copied.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmCopyMemToSmram (\r
  OUT VOID       *DestinationBuffer,\r
  IN CONST VOID  *SourceBuffer,\r
  IN UINTN       Length\r
  )\r
{\r
  if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) {\r
    DEBUG ((EFI_D_ERROR, "SmmCopyMemToSmram: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length));\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
  CopyMem (DestinationBuffer, SourceBuffer, Length);\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Copies a source buffer (SMRAM) to a destination buffer (NON-SMRAM).\r
\r
  This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
  It checks if destination buffer is valid per processor architecture and not overlap with SMRAM.\r
  If the check passes, it copies memory and returns EFI_SUCCESS.\r
  If the check fails, it returns EFI_SECURITY_VIOLATION.\r
  The implementation must be reentrant.\r
  \r
  @param  DestinationBuffer   The pointer to the destination buffer of the memory copy.\r
  @param  SourceBuffer        The pointer to the source buffer of the memory copy.\r
  @param  Length              The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
\r
  @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with SMRAM.\r
  @retval EFI_SUCCESS            Memory is copied.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmCopyMemFromSmram (\r
  OUT VOID       *DestinationBuffer,\r
  IN CONST VOID  *SourceBuffer,\r
  IN UINTN       Length\r
  )\r
{\r
  if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) {\r
    DEBUG ((EFI_D_ERROR, "SmmCopyMemFromSmram: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length));\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
  CopyMem (DestinationBuffer, SourceBuffer, Length);\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Copies a source buffer (NON-SMRAM) to a destination buffer (NON-SMRAM).\r
\r
  This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
  It checks if source buffer and destination buffer are valid per processor architecture and not overlap with SMRAM.\r
  If the check passes, it copies memory and returns EFI_SUCCESS.\r
  If the check fails, it returns EFI_SECURITY_VIOLATION.\r
  The implementation must be reentrant, and it must handle the case where source buffer overlaps destination buffer.\r
  \r
  @param  DestinationBuffer   The pointer to the destination buffer of the memory copy.\r
  @param  SourceBuffer        The pointer to the source buffer of the memory copy.\r
  @param  Length              The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
\r
  @retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with SMRAM.\r
  @retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with SMRAM.\r
  @retval EFI_SUCCESS            Memory is copied.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmCopyMem (\r
  OUT VOID       *DestinationBuffer,\r
  IN CONST VOID  *SourceBuffer,\r
  IN UINTN       Length\r
  )\r
{\r
  if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) {\r
    DEBUG ((EFI_D_ERROR, "SmmCopyMem: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length));\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
  if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) {\r
    DEBUG ((EFI_D_ERROR, "SmmCopyMem: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length));\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
  CopyMem (DestinationBuffer, SourceBuffer, Length);\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Fills a target buffer (NON-SMRAM) with a byte value.\r
\r
  This function fills a target buffer (non-SMRAM) with a byte value.\r
  It checks if target buffer is valid per processor architecture and not overlap with SMRAM.\r
  If the check passes, it fills memory and returns EFI_SUCCESS.\r
  If the check fails, it returns EFI_SECURITY_VIOLATION.\r
  \r
  @param  Buffer    The memory to set.\r
  @param  Length    The number of bytes to set.\r
  @param  Value     The value with which to fill Length bytes of Buffer.\r
  \r
  @retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor architecture or overlap with SMRAM.\r
  @retval EFI_SUCCESS            Memory is set.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmSetMem (\r
  OUT VOID  *Buffer,\r
  IN UINTN  Length,\r
  IN UINT8  Value\r
  )\r
{\r
  if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, Length)) {\r
    DEBUG ((EFI_D_ERROR, "SmmSetMem: Security Violation: Source (0x%x), Length (0x%x)\n", Buffer, Length));\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
  SetMem (Buffer, Length, Value);\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Notification for SMM EndOfDxe protocol.\r
\r
  @param[in] Protocol   Points to the protocol's unique identifier.\r
  @param[in] Interface  Points to the interface instance.\r
  @param[in] Handle     The handle on which the interface was installed.\r
\r
  @retval EFI_SUCCESS   Notification runs successfully.\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmLibInternalEndOfDxeNotify (\r
  IN CONST EFI_GUID  *Protocol,\r
  IN VOID            *Interface,\r
  IN EFI_HANDLE      Handle\r
  )\r
{\r
  EFI_STATUS            Status;\r
  UINTN                 MapKey;\r
  UINTN                 MemoryMapSize;\r
  EFI_MEMORY_DESCRIPTOR *MemoryMap;\r
  EFI_MEMORY_DESCRIPTOR *MemoryMapStart;\r
  EFI_MEMORY_DESCRIPTOR *SmmMemoryMapStart;\r
  UINTN                 MemoryMapEntryCount;\r
  UINTN                 DescriptorSize;\r
  UINT32                DescriptorVersion;\r
  UINTN                 Index;\r
\r
  MemoryMapSize = 0;\r
  MemoryMap = NULL;\r
  Status = gBS->GetMemoryMap (\r
             &MemoryMapSize,\r
             MemoryMap,\r
             &MapKey,\r
             &DescriptorSize,\r
             &DescriptorVersion\r
             );\r
  ASSERT (Status == EFI_BUFFER_TOO_SMALL);\r
\r
  do {\r
    Status = gBS->AllocatePool (EfiBootServicesData, MemoryMapSize, (VOID **)&MemoryMap);\r
    ASSERT (MemoryMap != NULL);\r
  \r
    Status = gBS->GetMemoryMap (\r
               &MemoryMapSize,\r
               MemoryMap,\r
               &MapKey,\r
               &DescriptorSize,\r
               &DescriptorVersion\r
               );\r
    if (EFI_ERROR (Status)) {\r
      gBS->FreePool (MemoryMap);\r
    }\r
  } while (Status == EFI_BUFFER_TOO_SMALL);\r
\r
  //\r
  // Get Count\r
  //\r
  mDescriptorSize = DescriptorSize;\r
  MemoryMapEntryCount = MemoryMapSize/DescriptorSize;\r
  MemoryMapStart = MemoryMap;\r
  mMemoryMapEntryCount = 0;\r
  for (Index = 0; Index < MemoryMapEntryCount; Index++) {\r
    switch (MemoryMap->Type) {\r
    case EfiReservedMemoryType:\r
    case EfiRuntimeServicesCode:\r
    case EfiRuntimeServicesData:\r
    case EfiACPIMemoryNVS:\r
      mMemoryMapEntryCount++;\r
      break;\r
    }\r
    MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, DescriptorSize);\r
  }\r
  MemoryMap = MemoryMapStart;\r
  \r
  //\r
  // Get Data\r
  //\r
  mMemoryMap = AllocatePool (mMemoryMapEntryCount*DescriptorSize);\r
  ASSERT (mMemoryMap != NULL);\r
  SmmMemoryMapStart = mMemoryMap;\r
  for (Index = 0; Index < MemoryMapEntryCount; Index++) {\r
    switch (MemoryMap->Type) {\r
    case EfiReservedMemoryType:\r
    case EfiRuntimeServicesCode:\r
    case EfiRuntimeServicesData:\r
    case EfiACPIMemoryNVS:\r
      CopyMem (mMemoryMap, MemoryMap, DescriptorSize);\r
      mMemoryMap = NEXT_MEMORY_DESCRIPTOR(mMemoryMap, DescriptorSize);\r
      break;\r
    }\r
    MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, DescriptorSize);\r
  }\r
  mMemoryMap = SmmMemoryMapStart;\r
  MemoryMap = MemoryMapStart;\r
  \r
  gBS->FreePool (MemoryMap);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
\r
/**\r
  Notification for SMM ReadyToLock protocol.\r
\r
  @param[in] Protocol   Points to the protocol's unique identifier.\r
  @param[in] Interface  Points to the interface instance.\r
  @param[in] Handle     The handle on which the interface was installed.\r
\r
  @retval EFI_SUCCESS   Notification runs successfully.\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmLibInternalReadyToLockNotify (\r
  IN CONST EFI_GUID  *Protocol,\r
  IN VOID            *Interface,\r
  IN EFI_HANDLE      Handle\r
  )\r
{\r
  mSmmReadyToLock = TRUE;\r
  return EFI_SUCCESS;\r
}\r
/**\r
  The constructor function initializes the Smm Mem library\r
\r
  @param  ImageHandle   The firmware allocated handle for the EFI image.\r
  @param  SystemTable   A pointer to the EFI System Table.\r
\r
  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmMemLibConstructor (\r
  IN EFI_HANDLE        ImageHandle,\r
  IN EFI_SYSTEM_TABLE  *SystemTable\r
  )\r
{\r
  EFI_STATUS                    Status;\r
  EFI_SMM_ACCESS2_PROTOCOL      *SmmAccess;\r
  UINTN                         Size;\r
  \r
  //\r
  // Get SMRAM information\r
  //\r
  Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  Size = 0;\r
  Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);\r
  ASSERT (Status == EFI_BUFFER_TOO_SMALL);\r
\r
  mSmmMemLibInternalSmramRanges = AllocatePool (Size);\r
  ASSERT (mSmmMemLibInternalSmramRanges != NULL);\r
\r
  Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmmMemLibInternalSmramRanges);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  mSmmMemLibInternalSmramCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);\r
\r
  //\r
  // Calculate and save maximum support address\r
  //\r
  SmmMemLibInternalCalculateMaximumSupportAddress ();\r
\r
  //\r
  // Register EndOfDxe to get UEFI memory map\r
  //\r
  Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, SmmLibInternalEndOfDxeNotify, &mRegistrationEndOfDxe);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  //\r
  // Register ready to lock so that we can know when to check valid SMRAM region\r
  //\r
  Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmReadyToLockProtocolGuid, SmmLibInternalReadyToLockNotify, &mRegistrationReadyToLock);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  The destructor function frees resource used in the Smm Mem library\r
\r
  @param[in]  ImageHandle   The firmware allocated handle for the EFI image.\r
  @param[in]  SystemTable   A pointer to the EFI System Table.\r
\r
  @retval     EFI_SUCCESS   The deconstructor always returns EFI_SUCCESS.\r
**/\r
EFI_STATUS\r
EFIAPI\r
SmmMemLibDestructor (\r
  IN EFI_HANDLE        ImageHandle,\r
  IN EFI_SYSTEM_TABLE  *SystemTable\r
  )\r
{\r
  FreePool (mSmmMemLibInternalSmramRanges);\r
\r
  gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, NULL, &mRegistrationEndOfDxe);\r
  gSmst->SmmRegisterProtocolNotify (&gEfiSmmReadyToLockProtocolGuid, NULL, &mRegistrationReadyToLock);\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
d425764e JY	1	/** @file\r
	2	Instance of SMM memory check library.\r
	3	\r
	4	SMM memory check library library implementation. This library consumes SMM_ACCESS2_PROTOCOL\r
	5	to get SMRAM information. In order to use this library instance, the platform should produce\r
	6	all SMRAM range via SMM_ACCESS2_PROTOCOL, including the range for firmware (like SMM Core\r
	7	and SMM driver) and/or specific dedicated hardware.\r
	8	\r
91f51fcc	9	Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>\r
d425764e JY	10	This program and the accompanying materials\r
	11	are licensed and made available under the terms and conditions of the BSD License\r
	12	which accompanies this distribution. The full text of the license may be found at\r
	13	http://opensource.org/licenses/bsd-license.php\r
	14	\r
	15	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	16	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	17	\r
	18	**/\r
	19	\r
	20	\r
	21	#include <PiSmm.h>\r
	22	\r
	23	#include <Library/BaseLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/DebugLib.h>\r
	26	#include <Library/MemoryAllocationLib.h>\r
	27	#include <Library/UefiBootServicesTableLib.h>\r
	28	#include <Library/SmmServicesTableLib.h>\r
	29	#include <Library/HobLib.h>\r
	30	#include <Protocol/SmmAccess2.h>\r
91f51fcc JY	31	#include <Protocol/SmmReadyToLock.h>\r
	32	#include <Protocol/SmmEndOfDxe.h>\r
	33	\r
	34	#define NEXT_MEMORY_DESCRIPTOR(MemoryDescriptor, Size) \\r
	35	((EFI_MEMORY_DESCRIPTOR )((UINT8 )(MemoryDescriptor) + (Size)))\r
d425764e JY	36	\r
	37	EFI_SMRAM_DESCRIPTOR *mSmmMemLibInternalSmramRanges;\r
	38	UINTN mSmmMemLibInternalSmramCount;\r
	39	\r
	40	//\r
	41	// Maximum support address used to check input buffer\r
	42	//\r
	43	EFI_PHYSICAL_ADDRESS mSmmMemLibInternalMaximumSupportAddress = 0;\r
	44	\r
91f51fcc JY	45	UINTN mMemoryMapEntryCount;\r
	46	EFI_MEMORY_DESCRIPTOR *mMemoryMap;\r
	47	UINTN mDescriptorSize;\r
	48	\r
	49	VOID *mRegistrationEndOfDxe;\r
	50	VOID *mRegistrationReadyToLock;\r
	51	\r
	52	BOOLEAN mSmmReadyToLock = FALSE;\r
	53	\r
d425764e	54	/**\r
2a93f2c3	55	Calculate and save the maximum support address.\r
d425764e JY	56	\r
	57	**/\r
	58	VOID\r
2a93f2c3	59	SmmMemLibInternalCalculateMaximumSupportAddress (\r
d425764e JY	60	VOID\r
	61	)\r
	62	{\r
	63	VOID *Hob;\r
	64	UINT32 RegEax;\r
	65	UINT8 PhysicalAddressBits;\r
	66	\r
	67	//\r
	68	// Get physical address bits supported.\r
	69	//\r
	70	Hob = GetFirstHob (EFI_HOB_TYPE_CPU);\r
	71	if (Hob != NULL) {\r
	72	PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;\r
	73	} else {\r
	74	AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);\r
	75	if (RegEax >= 0x80000008) {\r
	76	AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);\r
	77	PhysicalAddressBits = (UINT8) RegEax;\r
	78	} else {\r
	79	PhysicalAddressBits = 36;\r
	80	}\r
	81	}\r
	82	//\r
	83	// IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.\r
	84	//\r
	85	ASSERT (PhysicalAddressBits <= 52);\r
	86	if (PhysicalAddressBits > 48) {\r
	87	PhysicalAddressBits = 48;\r
	88	}\r
	89	\r
	90	//\r
	91	// Save the maximum support address in one global variable \r
	92	//\r
	93	mSmmMemLibInternalMaximumSupportAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)(LShiftU64 (1, PhysicalAddressBits) - 1);\r
	94	DEBUG ((EFI_D_INFO, "mSmmMemLibInternalMaximumSupportAddress = 0x%lx\n", mSmmMemLibInternalMaximumSupportAddress));\r
	95	}\r
	96	\r
	97	/**\r
	98	This function check if the buffer is valid per processor architecture and not overlap with SMRAM.\r
	99	\r
	100	@param Buffer The buffer start address to be checked.\r
	101	@param Length The buffer length to be checked.\r
	102	\r
	103	@retval TRUE This buffer is valid per processor architecture and not overlap with SMRAM.\r
	104	@retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.\r
	105	**/\r
	106	BOOLEAN\r
	107	EFIAPI\r
	108	SmmIsBufferOutsideSmmValid (\r
	109	IN EFI_PHYSICAL_ADDRESS Buffer,\r
	110	IN UINT64 Length\r
	111	)\r
	112	{\r
	113	UINTN Index;\r
	114	\r
	115	//\r
	116	// Check override.\r
	117	// NOTE: (B:0->L:4G) is invalid for IA32, but (B:1->L:4G-1)/(B:4G-1->L:1) is valid.\r
	118	//\r
	119	if ((Length > mSmmMemLibInternalMaximumSupportAddress) \|\|\r
	120	(Buffer > mSmmMemLibInternalMaximumSupportAddress) \|\|\r
	121	((Length != 0) && (Buffer > (mSmmMemLibInternalMaximumSupportAddress - (Length - 1)))) ) {\r
	122	//\r
	123	// Overflow happen\r
124	//\r
125	DEBUG ((\r
126	EFI_D_ERROR,\r
127	"SmmIsBufferOutsideSmmValid: Overflow: Buffer (0x%lx) - Length (0x%lx), MaximumSupportAddress (0x%lx)\n",\r
128	Buffer,\r
129	Length,\r
130	mSmmMemLibInternalMaximumSupportAddress\r
131	));\r
132	return FALSE;\r
133	}\r
134	\r
135	for (Index = 0; Index < mSmmMemLibInternalSmramCount; Index ++) {\r
136	if (((Buffer >= mSmmMemLibInternalSmramRanges[Index].CpuStart) && (Buffer < mSmmMemLibInternalSmramRanges[Index].CpuStart + mSmmMemLibInternalSmramRanges[Index].PhysicalSize)) \|\|\r
137	((mSmmMemLibInternalSmramRanges[Index].CpuStart >= Buffer) && (mSmmMemLibInternalSmramRanges[Index].CpuStart < Buffer + Length))) {\r
138	DEBUG ((\r
139	EFI_D_ERROR,\r
140	"SmmIsBufferOutsideSmmValid: Overlap: Buffer (0x%lx) - Length (0x%lx), ",\r
141	Buffer,\r
142	Length\r
143	));\r
144	DEBUG ((\r
145	EFI_D_ERROR,\r
146	"CpuStart (0x%lx) - PhysicalSize (0x%lx)\n",\r
147	mSmmMemLibInternalSmramRanges[Index].CpuStart,\r
148	mSmmMemLibInternalSmramRanges[Index].PhysicalSize\r
149	));\r
150	return FALSE;\r
151	}\r
152	}\r
153	\r
91f51fcc JY	154	//\r
	155	// Check override for Valid Communication Region\r
	156	//\r
	157	if (mSmmReadyToLock) {\r
	158	EFI_MEMORY_DESCRIPTOR *MemoryMap;\r
	159	BOOLEAN InValidCommunicationRegion;\r
	160	\r
	161	InValidCommunicationRegion = FALSE;\r
	162	MemoryMap = mMemoryMap;\r
	163	for (Index = 0; Index < mMemoryMapEntryCount; Index++) {\r
	164	if ((Buffer >= MemoryMap->PhysicalStart) &&\r
	165	(Buffer + Length <= MemoryMap->PhysicalStart + LShiftU64 (MemoryMap->NumberOfPages, EFI_PAGE_SHIFT))) {\r
	166	InValidCommunicationRegion = TRUE;\r
	167	}\r
	168	MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, mDescriptorSize);\r
	169	}\r
	170	\r
	171	if (!InValidCommunicationRegion) {\r
	172	DEBUG ((\r
	173	EFI_D_ERROR,\r
	174	"SmmIsBufferOutsideSmmValid: Not in ValidCommunicationRegion: Buffer (0x%lx) - Length (0x%lx), ",\r
	175	Buffer,\r
	176	Length\r
	177	));\r
	178	ASSERT (FALSE);\r
	179	return FALSE;\r
	180	}\r
	181	}\r
d425764e JY	182	return TRUE;\r
	183	}\r
	184	\r
	185	/**\r
	186	Copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
	187	\r
	188	This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
	189	It checks if source buffer is valid per processor architecture and not overlap with SMRAM.\r
	190	If the check passes, it copies memory and returns EFI_SUCCESS.\r
	191	If the check fails, it return EFI_SECURITY_VIOLATION.\r
	192	The implementation must be reentrant.\r
	193	\r
	194	@param DestinationBuffer The pointer to the destination buffer of the memory copy.\r
	195	@param SourceBuffer The pointer to the source buffer of the memory copy.\r
	196	@param Length The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
	197	\r
	198	@retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with SMRAM.\r
	199	@retval EFI_SUCCESS Memory is copied.\r
	200	\r
	201	**/\r
	202	EFI_STATUS\r
	203	EFIAPI\r
	204	SmmCopyMemToSmram (\r
	205	OUT VOID *DestinationBuffer,\r
	206	IN CONST VOID *SourceBuffer,\r
	207	IN UINTN Length\r
	208	)\r
	209	{\r
	210	if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) {\r
	211	DEBUG ((EFI_D_ERROR, "SmmCopyMemToSmram: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length));\r
	212	return EFI_SECURITY_VIOLATION;\r
	213	}\r
	214	CopyMem (DestinationBuffer, SourceBuffer, Length);\r
	215	return EFI_SUCCESS;\r
	216	}\r
	217	\r
	218	/**\r
	219	Copies a source buffer (SMRAM) to a destination buffer (NON-SMRAM).\r
	220	\r
	221	This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
	222	It checks if destination buffer is valid per processor architecture and not overlap with SMRAM.\r
	223	If the check passes, it copies memory and returns EFI_SUCCESS.\r
	224	If the check fails, it returns EFI_SECURITY_VIOLATION.\r
	225	The implementation must be reentrant.\r
	226	\r
	227	@param DestinationBuffer The pointer to the destination buffer of the memory copy.\r
	228	@param SourceBuffer The pointer to the source buffer of the memory copy.\r
	229	@param Length The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
	230	\r
	231	@retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with SMRAM.\r
	232	@retval EFI_SUCCESS Memory is copied.\r
	233	\r
	234	**/\r
	235	EFI_STATUS\r
	236	EFIAPI\r
	237	SmmCopyMemFromSmram (\r
	238	OUT VOID *DestinationBuffer,\r
	239	IN CONST VOID *SourceBuffer,\r
	240	IN UINTN Length\r
	241	)\r
	242	{\r
	243	if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) {\r
	244	DEBUG ((EFI_D_ERROR, "SmmCopyMemFromSmram: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length));\r
	245	return EFI_SECURITY_VIOLATION;\r
246	}\r
247	CopyMem (DestinationBuffer, SourceBuffer, Length);\r
248	return EFI_SUCCESS;\r
249	}\r
250	\r
251	/**\r
252	Copies a source buffer (NON-SMRAM) to a destination buffer (NON-SMRAM).\r
253	\r
254	This function copies a source buffer (non-SMRAM) to a destination buffer (SMRAM).\r
255	It checks if source buffer and destination buffer are valid per processor architecture and not overlap with SMRAM.\r
256	If the check passes, it copies memory and returns EFI_SUCCESS.\r
257	If the check fails, it returns EFI_SECURITY_VIOLATION.\r
258	The implementation must be reentrant, and it must handle the case where source buffer overlaps destination buffer.\r
259	\r
260	@param DestinationBuffer The pointer to the destination buffer of the memory copy.\r
261	@param SourceBuffer The pointer to the source buffer of the memory copy.\r
262	@param Length The number of bytes to copy from SourceBuffer to DestinationBuffer.\r
263	\r
264	@retval EFI_SECURITY_VIOLATION The DesinationBuffer is invalid per processor architecture or overlap with SMRAM.\r
265	@retval EFI_SECURITY_VIOLATION The SourceBuffer is invalid per processor architecture or overlap with SMRAM.\r
266	@retval EFI_SUCCESS Memory is copied.\r
267	\r
268	**/\r
269	EFI_STATUS\r
270	EFIAPI\r
271	SmmCopyMem (\r
272	OUT VOID *DestinationBuffer,\r
273	IN CONST VOID *SourceBuffer,\r
274	IN UINTN Length\r
275	)\r
276	{\r
277	if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)DestinationBuffer, Length)) {\r
278	DEBUG ((EFI_D_ERROR, "SmmCopyMem: Security Violation: Destination (0x%x), Length (0x%x)\n", DestinationBuffer, Length));\r
279	return EFI_SECURITY_VIOLATION;\r
280	}\r
281	if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)SourceBuffer, Length)) {\r
282	DEBUG ((EFI_D_ERROR, "SmmCopyMem: Security Violation: Source (0x%x), Length (0x%x)\n", SourceBuffer, Length));\r
283	return EFI_SECURITY_VIOLATION;\r
284	}\r
285	CopyMem (DestinationBuffer, SourceBuffer, Length);\r
286	return EFI_SUCCESS;\r
287	}\r
288	\r
289	/**\r
290	Fills a target buffer (NON-SMRAM) with a byte value.\r
291	\r
292	This function fills a target buffer (non-SMRAM) with a byte value.\r
293	It checks if target buffer is valid per processor architecture and not overlap with SMRAM.\r
294	If the check passes, it fills memory and returns EFI_SUCCESS.\r
295	If the check fails, it returns EFI_SECURITY_VIOLATION.\r
296	\r
297	@param Buffer The memory to set.\r
298	@param Length The number of bytes to set.\r
299	@param Value The value with which to fill Length bytes of Buffer.\r
300	\r
301	@retval EFI_SECURITY_VIOLATION The Buffer is invalid per processor architecture or overlap with SMRAM.\r
302	@retval EFI_SUCCESS Memory is set.\r
303	\r
304	**/\r
305	EFI_STATUS\r
306	EFIAPI\r
307	SmmSetMem (\r
308	OUT VOID *Buffer,\r
309	IN UINTN Length,\r
310	IN UINT8 Value\r
311	)\r
312	{\r
313	if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)Buffer, Length)) {\r
314	DEBUG ((EFI_D_ERROR, "SmmSetMem: Security Violation: Source (0x%x), Length (0x%x)\n", Buffer, Length));\r
315	return EFI_SECURITY_VIOLATION;\r
316	}\r
317	SetMem (Buffer, Length, Value);\r
318	return EFI_SUCCESS;\r
319	}\r
320	\r
91f51fcc JY	321	/**\r
	322	Notification for SMM EndOfDxe protocol.\r
	323	\r
	324	@param[in] Protocol Points to the protocol's unique identifier.\r
	325	@param[in] Interface Points to the interface instance.\r
	326	@param[in] Handle The handle on which the interface was installed.\r
	327	\r
	328	@retval EFI_SUCCESS Notification runs successfully.\r
	329	**/\r
	330	EFI_STATUS\r
	331	EFIAPI\r
	332	SmmLibInternalEndOfDxeNotify (\r
	333	IN CONST EFI_GUID *Protocol,\r
	334	IN VOID *Interface,\r
	335	IN EFI_HANDLE Handle\r
	336	)\r
	337	{\r
	338	EFI_STATUS Status;\r
	339	UINTN MapKey;\r
	340	UINTN MemoryMapSize;\r
	341	EFI_MEMORY_DESCRIPTOR *MemoryMap;\r
	342	EFI_MEMORY_DESCRIPTOR *MemoryMapStart;\r
	343	EFI_MEMORY_DESCRIPTOR *SmmMemoryMapStart;\r
	344	UINTN MemoryMapEntryCount;\r
	345	UINTN DescriptorSize;\r
	346	UINT32 DescriptorVersion;\r
	347	UINTN Index;\r
	348	\r
	349	MemoryMapSize = 0;\r
	350	MemoryMap = NULL;\r
	351	Status = gBS->GetMemoryMap (\r
	352	&MemoryMapSize,\r
	353	MemoryMap,\r
	354	&MapKey,\r
	355	&DescriptorSize,\r
	356	&DescriptorVersion\r
	357	);\r
	358	ASSERT (Status == EFI_BUFFER_TOO_SMALL);\r
	359	\r
	360	do {\r
	361	Status = gBS->AllocatePool (EfiBootServicesData, MemoryMapSize, (VOID **)&MemoryMap);\r
	362	ASSERT (MemoryMap != NULL);\r
	363	\r
	364	Status = gBS->GetMemoryMap (\r
	365	&MemoryMapSize,\r
	366	MemoryMap,\r
	367	&MapKey,\r
	368	&DescriptorSize,\r
	369	&DescriptorVersion\r
	370	);\r
	371	if (EFI_ERROR (Status)) {\r
	372	gBS->FreePool (MemoryMap);\r
	373	}\r
	374	} while (Status == EFI_BUFFER_TOO_SMALL);\r
	375	\r
	376	//\r
	377	// Get Count\r
	378	//\r
	379	mDescriptorSize = DescriptorSize;\r
	380	MemoryMapEntryCount = MemoryMapSize/DescriptorSize;\r
	381	MemoryMapStart = MemoryMap;\r
	382	mMemoryMapEntryCount = 0;\r
	383	for (Index = 0; Index < MemoryMapEntryCount; Index++) {\r
	384	switch (MemoryMap->Type) {\r
385	case EfiReservedMemoryType:\r
386	case EfiRuntimeServicesCode:\r
387	case EfiRuntimeServicesData:\r
388	case EfiACPIMemoryNVS:\r
389	mMemoryMapEntryCount++;\r
390	break;\r
391	}\r
392	MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, DescriptorSize);\r
393	}\r
394	MemoryMap = MemoryMapStart;\r
395	\r
396	//\r
397	// Get Data\r
398	//\r
399	mMemoryMap = AllocatePool (mMemoryMapEntryCount*DescriptorSize);\r
400	ASSERT (mMemoryMap != NULL);\r
401	SmmMemoryMapStart = mMemoryMap;\r
402	for (Index = 0; Index < MemoryMapEntryCount; Index++) {\r
403	switch (MemoryMap->Type) {\r
404	case EfiReservedMemoryType:\r
405	case EfiRuntimeServicesCode:\r
406	case EfiRuntimeServicesData:\r
407	case EfiACPIMemoryNVS:\r
408	CopyMem (mMemoryMap, MemoryMap, DescriptorSize);\r
409	mMemoryMap = NEXT_MEMORY_DESCRIPTOR(mMemoryMap, DescriptorSize);\r
410	break;\r
411	}\r
412	MemoryMap = NEXT_MEMORY_DESCRIPTOR(MemoryMap, DescriptorSize);\r
413	}\r
414	mMemoryMap = SmmMemoryMapStart;\r
415	MemoryMap = MemoryMapStart;\r
416	\r
417	gBS->FreePool (MemoryMap);\r
418	\r
419	return EFI_SUCCESS;\r
420	}\r
421	\r
422	\r
423	/**\r
424	Notification for SMM ReadyToLock protocol.\r
425	\r
426	@param[in] Protocol Points to the protocol's unique identifier.\r
427	@param[in] Interface Points to the interface instance.\r
428	@param[in] Handle The handle on which the interface was installed.\r
429	\r
430	@retval EFI_SUCCESS Notification runs successfully.\r
431	**/\r
432	EFI_STATUS\r
433	EFIAPI\r
434	SmmLibInternalReadyToLockNotify (\r
435	IN CONST EFI_GUID *Protocol,\r
436	IN VOID *Interface,\r
437	IN EFI_HANDLE Handle\r
438	)\r
439	{\r
440	mSmmReadyToLock = TRUE;\r
441	return EFI_SUCCESS;\r
442	}\r
d425764e JY	443	/**\r
	444	The constructor function initializes the Smm Mem library\r
	445	\r
	446	@param ImageHandle The firmware allocated handle for the EFI image.\r
	447	@param SystemTable A pointer to the EFI System Table.\r
	448	\r
	449	@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.\r
	450	\r
	451	**/\r
	452	EFI_STATUS\r
	453	EFIAPI\r
	454	SmmMemLibConstructor (\r
	455	IN EFI_HANDLE ImageHandle,\r
	456	IN EFI_SYSTEM_TABLE *SystemTable\r
	457	)\r
	458	{\r
	459	EFI_STATUS Status;\r
	460	EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;\r
	461	UINTN Size;\r
	462	\r
	463	//\r
	464	// Get SMRAM information\r
	465	//\r
	466	Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);\r
	467	ASSERT_EFI_ERROR (Status);\r
	468	\r
	469	Size = 0;\r
	470	Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);\r
	471	ASSERT (Status == EFI_BUFFER_TOO_SMALL);\r
	472	\r
	473	mSmmMemLibInternalSmramRanges = AllocatePool (Size);\r
	474	ASSERT (mSmmMemLibInternalSmramRanges != NULL);\r
	475	\r
	476	Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmmMemLibInternalSmramRanges);\r
	477	ASSERT_EFI_ERROR (Status);\r
	478	\r
	479	mSmmMemLibInternalSmramCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);\r
	480	\r
	481	//\r
2a93f2c3	482	// Calculate and save maximum support address\r
d425764e	483	//\r
2a93f2c3	484	SmmMemLibInternalCalculateMaximumSupportAddress ();\r
d425764e	485	\r
91f51fcc JY	486	//\r
	487	// Register EndOfDxe to get UEFI memory map\r
	488	//\r
	489	Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, SmmLibInternalEndOfDxeNotify, &mRegistrationEndOfDxe);\r
	490	ASSERT_EFI_ERROR (Status);\r
	491	\r
	492	//\r
	493	// Register ready to lock so that we can know when to check valid SMRAM region\r
	494	//\r
	495	Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmReadyToLockProtocolGuid, SmmLibInternalReadyToLockNotify, &mRegistrationReadyToLock);\r
	496	ASSERT_EFI_ERROR (Status);\r
	497	\r
d425764e JY	498	return EFI_SUCCESS;\r
	499	}\r
	500	\r
	501	/**\r
	502	The destructor function frees resource used in the Smm Mem library\r
	503	\r
	504	@param[in] ImageHandle The firmware allocated handle for the EFI image.\r
	505	@param[in] SystemTable A pointer to the EFI System Table.\r
	506	\r
	507	@retval EFI_SUCCESS The deconstructor always returns EFI_SUCCESS.\r
	508	**/\r
	509	EFI_STATUS\r
	510	EFIAPI\r
	511	SmmMemLibDestructor (\r
	512	IN EFI_HANDLE ImageHandle,\r
	513	IN EFI_SYSTEM_TABLE *SystemTable\r
	514	)\r
	515	{\r
	516	FreePool (mSmmMemLibInternalSmramRanges);\r
	517	\r
91f51fcc JY	518	gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, NULL, &mRegistrationEndOfDxe);\r
91f51fcc JY	519	gSmst->SmmRegisterProtocolNotify (&gEfiSmmReadyToLockProtocolGuid, NULL, &mRegistrationReadyToLock);\r
d425764e JY	520	return EFI_SUCCESS;\r
d425764e JY	521	}\r