]>
Commit | Line | Data |
---|---|---|
70c7664c JY |
1 | /** @file\r |
2 | TCG MOR (Memory Overwrite Request) Lock Control Driver.\r | |
3 | \r | |
d6b926e7 | 4 | This driver initializes MemoryOverwriteRequestControlLock variable.\r |
70c7664c JY |
5 | This module will add Variable Hook and allow MemoryOverwriteRequestControlLock variable set only once.\r |
6 | \r | |
b3548d32 | 7 | Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r |
289b714b | 8 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
70c7664c JY |
9 | \r |
10 | **/\r | |
11 | \r | |
12 | #include <PiDxe.h>\r | |
13 | #include <Guid/MemoryOverwriteControl.h>\r | |
14 | #include <IndustryStandard/MemoryOverwriteRequestControlLock.h>\r | |
15 | #include <Library/DebugLib.h>\r | |
16 | #include <Library/BaseLib.h>\r | |
17 | #include <Library/BaseMemoryLib.h>\r | |
18 | #include "TcgMorLock.h"\r | |
19 | \r | |
20 | typedef struct {\r | |
c411b485 MK |
21 | CHAR16 *VariableName;\r |
22 | EFI_GUID *VendorGuid;\r | |
70c7664c JY |
23 | } VARIABLE_TYPE;\r |
24 | \r | |
25 | VARIABLE_TYPE mMorVariableType[] = {\r | |
c411b485 MK |
26 | { MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, &gEfiMemoryOverwriteControlDataGuid },\r |
27 | { MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteRequestControlLockGuid },\r | |
70c7664c JY |
28 | };\r |
29 | \r | |
30 | /**\r | |
31 | Returns if this is MOR related variable.\r | |
32 | \r | |
33 | @param VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String\r | |
34 | @param VendorGuid Unify identifier for vendor.\r | |
35 | \r | |
36 | @retval TRUE The variable is MOR related.\r | |
37 | @retval FALSE The variable is NOT MOR related.\r | |
38 | **/\r | |
39 | BOOLEAN\r | |
40 | IsAnyMorVariable (\r | |
c411b485 MK |
41 | IN CHAR16 *VariableName,\r |
42 | IN EFI_GUID *VendorGuid\r | |
70c7664c JY |
43 | )\r |
44 | {\r | |
c411b485 | 45 | UINTN Index;\r |
70c7664c | 46 | \r |
c411b485 | 47 | for (Index = 0; Index < sizeof (mMorVariableType)/sizeof (mMorVariableType[0]); Index++) {\r |
b3548d32 | 48 | if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) &&\r |
c411b485 MK |
49 | (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid)))\r |
50 | {\r | |
70c7664c JY |
51 | return TRUE;\r |
52 | }\r | |
53 | }\r | |
c411b485 | 54 | \r |
70c7664c JY |
55 | return FALSE;\r |
56 | }\r | |
57 | \r | |
58 | /**\r | |
59 | Returns if this is MOR lock variable.\r | |
60 | \r | |
61 | @param VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String\r | |
62 | @param VendorGuid Unify identifier for vendor.\r | |
63 | \r | |
64 | @retval TRUE The variable is MOR lock variable.\r | |
65 | @retval FALSE The variable is NOT MOR lock variable.\r | |
66 | **/\r | |
67 | BOOLEAN\r | |
68 | IsMorLockVariable (\r | |
c411b485 MK |
69 | IN CHAR16 *VariableName,\r |
70 | IN EFI_GUID *VendorGuid\r | |
70c7664c JY |
71 | )\r |
72 | {\r | |
b3548d32 | 73 | if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) &&\r |
c411b485 MK |
74 | (CompareGuid (VendorGuid, &gEfiMemoryOverwriteRequestControlLockGuid)))\r |
75 | {\r | |
70c7664c JY |
76 | return TRUE;\r |
77 | }\r | |
c411b485 | 78 | \r |
70c7664c JY |
79 | return FALSE;\r |
80 | }\r | |
81 | \r | |
82 | /**\r | |
83 | This service is a checker handler for the UEFI Runtime Service SetVariable()\r | |
84 | \r | |
85 | @param VariableName the name of the vendor's variable, as a\r | |
86 | Null-Terminated Unicode String\r | |
87 | @param VendorGuid Unify identifier for vendor.\r | |
88 | @param Attributes Point to memory location to return the attributes of variable. If the point\r | |
89 | is NULL, the parameter would be ignored.\r | |
90 | @param DataSize The size in bytes of Data-Buffer.\r | |
91 | @param Data Point to the content of the variable.\r | |
92 | \r | |
93 | @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as\r | |
94 | defined by the Attributes.\r | |
95 | @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied, or the\r | |
96 | DataSize exceeds the maximum allowed.\r | |
97 | @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.\r | |
98 | @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data.\r | |
99 | @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.\r | |
100 | @retval EFI_WRITE_PROTECTED The variable in question is read-only.\r | |
101 | @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.\r | |
0130fdde | 102 | @retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS\r |
70c7664c JY |
103 | set but the AuthInfo does NOT pass the validation check carried\r |
104 | out by the firmware.\r | |
105 | @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.\r | |
106 | \r | |
107 | **/\r | |
108 | EFI_STATUS\r | |
109 | EFIAPI\r | |
110 | SetVariableCheckHandlerMor (\r | |
c411b485 MK |
111 | IN CHAR16 *VariableName,\r |
112 | IN EFI_GUID *VendorGuid,\r | |
113 | IN UINT32 Attributes,\r | |
114 | IN UINTN DataSize,\r | |
115 | IN VOID *Data\r | |
70c7664c JY |
116 | )\r |
117 | {\r | |
118 | UINTN MorLockDataSize;\r | |
119 | BOOLEAN MorLock;\r | |
120 | EFI_STATUS Status;\r | |
121 | \r | |
122 | //\r | |
123 | // do not handle non-MOR variable\r | |
124 | //\r | |
125 | if (!IsAnyMorVariable (VariableName, VendorGuid)) {\r | |
126 | return EFI_SUCCESS;\r | |
127 | }\r | |
128 | \r | |
c411b485 MK |
129 | MorLockDataSize = sizeof (MorLock);\r |
130 | Status = InternalGetVariable (\r | |
131 | MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r | |
132 | &gEfiMemoryOverwriteRequestControlLockGuid,\r | |
133 | NULL,\r | |
134 | &MorLockDataSize,\r | |
135 | &MorLock\r | |
136 | );\r | |
70c7664c JY |
137 | if (!EFI_ERROR (Status) && MorLock) {\r |
138 | //\r | |
139 | // If lock, deny access\r | |
140 | //\r | |
141 | return EFI_INVALID_PARAMETER;\r | |
142 | }\r | |
b3548d32 | 143 | \r |
77656653 JY |
144 | //\r |
145 | // Delete not OK\r | |
146 | //\r | |
c411b485 | 147 | if ((DataSize != sizeof (UINT8)) || (Data == NULL) || (Attributes == 0)) {\r |
77656653 JY |
148 | return EFI_INVALID_PARAMETER;\r |
149 | }\r | |
150 | \r | |
70c7664c JY |
151 | //\r |
152 | // check format\r | |
153 | //\r | |
c411b485 | 154 | if (IsMorLockVariable (VariableName, VendorGuid)) {\r |
70c7664c JY |
155 | //\r |
156 | // set to any other value not OK\r | |
157 | //\r | |
77656653 | 158 | if ((*(UINT8 *)Data != 1) && (*(UINT8 *)Data != 0)) {\r |
70c7664c JY |
159 | return EFI_INVALID_PARAMETER;\r |
160 | }\r | |
161 | }\r | |
c411b485 | 162 | \r |
70c7664c JY |
163 | //\r |
164 | // Or grant access\r | |
165 | //\r | |
166 | return EFI_SUCCESS;\r | |
167 | }\r | |
168 | \r | |
169 | /**\r | |
170 | Entry Point for MOR Lock Control driver.\r | |
171 | \r | |
172 | @param[in] ImageHandle Image handle of this driver.\r | |
173 | @param[in] SystemTable A Pointer to the EFI System Table.\r | |
174 | \r | |
d6b926e7 | 175 | @retval EFI_SUCCESS\r |
70c7664c JY |
176 | @return Others Some error occurs.\r |
177 | **/\r | |
178 | EFI_STATUS\r | |
179 | EFIAPI\r | |
180 | MorLockDriverInit (\r | |
181 | VOID\r | |
182 | )\r | |
183 | {\r | |
184 | EFI_STATUS Status;\r | |
185 | UINT8 Data;\r | |
186 | \r | |
c411b485 | 187 | Data = 0;\r |
70c7664c JY |
188 | Status = InternalSetVariable (\r |
189 | MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,\r | |
190 | &gEfiMemoryOverwriteRequestControlLockGuid,\r | |
191 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
192 | 1,\r | |
193 | &Data\r | |
194 | );\r | |
195 | return Status;\r | |
196 | }\r |