[mirror_edk2.git] / SecurityPkg / Tcg / MemoryOverwriteRequestControlLock / TcgMorLockSmm.c

/** @file\r
   TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper.\r
\r
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <PiSmm.h>\r
#include <Library/SmmServicesTableLib.h>\r
#include <Library/DebugLib.h>\r
#include <Protocol/SmmVarCheck.h>\r
#include <Protocol/SmmVariable.h>\r
#include "TcgMorLock.h"\r
\r
EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable;\r
\r
/**\r
  This service is a wrapper for the UEFI Runtime Service GetVariable().\r
\r
  @param  VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String\r
  @param  VendorGuid   Unify identifier for vendor.\r
  @param  Attributes   Point to memory location to return the attributes of variable. If the point\r
                       is NULL, the parameter would be ignored.\r
  @param  DataSize     As input, point to the maximum size of return Data-Buffer.\r
                       As output, point to the actual size of the returned Data-Buffer.\r
  @param  Data         Point to return Data-Buffer.\r
\r
  @retval  EFI_SUCCESS            The function completed successfully.\r
  @retval  EFI_NOT_FOUND          The variable was not found.\r
  @retval  EFI_BUFFER_TOO_SMALL   The DataSize is too small for the result. DataSize has\r
                                  been updated with the size needed to complete the request.\r
  @retval  EFI_INVALID_PARAMETER  VariableName is NULL.\r
  @retval  EFI_INVALID_PARAMETER  VendorGuid is NULL.\r
  @retval  EFI_INVALID_PARAMETER  DataSize is NULL.\r
  @retval  EFI_INVALID_PARAMETER  The DataSize is not too small and Data is NULL.\r
  @retval  EFI_DEVICE_ERROR       The variable could not be retrieved due to a hardware error.\r
  @retval  EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure.\r
**/\r
EFI_STATUS\r
EFIAPI\r
InternalGetVariable (\r
  IN      CHAR16                   *VariableName,\r
  IN      EFI_GUID                 *VendorGuid,\r
  OUT     UINT32                   *Attributes OPTIONAL,\r
  IN OUT  UINTN                    *DataSize,\r
  OUT     VOID                     *Data\r
  )\r
{\r
  return mSmmVariable->SmmGetVariable (\r
                         VariableName,\r
                         VendorGuid,\r
                         Attributes,\r
                         DataSize,\r
                         Data\r
                         );\r
}\r
\r
/**\r
  This service is a wrapper for the UEFI Runtime Service SetVariable()\r
\r
  @param  VariableName the name of the vendor's variable, as a\r
                       Null-Terminated Unicode String\r
  @param  VendorGuid   Unify identifier for vendor.\r
  @param  Attributes   Point to memory location to return the attributes of variable. If the point\r
                       is NULL, the parameter would be ignored.\r
  @param  DataSize     The size in bytes of Data-Buffer.\r
  @param  Data         Point to the content of the variable.\r
\r
  @retval  EFI_SUCCESS            The firmware has successfully stored the variable and its data as\r
                                  defined by the Attributes.\r
  @retval  EFI_INVALID_PARAMETER  An invalid combination of attribute bits was supplied, or the\r
                                  DataSize exceeds the maximum allowed.\r
  @retval  EFI_INVALID_PARAMETER  VariableName is an empty Unicode string.\r
  @retval  EFI_OUT_OF_RESOURCES   Not enough storage is available to hold the variable and its data.\r
  @retval  EFI_DEVICE_ERROR       The variable could not be saved due to a hardware failure.\r
  @retval  EFI_WRITE_PROTECTED    The variable in question is read-only.\r
  @retval  EFI_WRITE_PROTECTED    The variable in question cannot be deleted.\r
  @retval  EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS\r
                                  set but the AuthInfo does NOT pass the validation check carried\r
                                  out by the firmware.\r
  @retval  EFI_NOT_FOUND          The variable trying to be updated or deleted was not found.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
InternalSetVariable (\r
  IN CHAR16                       *VariableName,\r
  IN EFI_GUID                     *VendorGuid,\r
  IN UINT32                       Attributes,\r
  IN UINTN                        DataSize,\r
  IN VOID                         *Data\r
  )\r
{\r
  return mSmmVariable->SmmSetVariable (\r
                         VariableName,\r
                         VendorGuid,\r
                         Attributes,\r
                         DataSize,\r
                         Data\r
                         );\r
}\r
\r
/**\r
  Entry Point for MOR Lock Control driver.\r
\r
  @param[in] ImageHandle    The firmware allocated handle for the EFI image.\r
  @param[in] SystemTable    A pointer to the EFI System Table.\r
\r
  @retval EFI_SUCCESS       EntryPoint runs successfully.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
MorLockDriverEntryPointSmm (\r
  IN EFI_HANDLE         ImageHandle,\r
  IN EFI_SYSTEM_TABLE   *SystemTable\r
  )\r
{\r
  EFI_STATUS                    Status;\r
  EDKII_SMM_VAR_CHECK_PROTOCOL  *SmmVarCheck;\r
\r
  //\r
  // This driver link to Smm Variable driver\r
  //\r
  DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n"));\r
\r
  Status = gSmst->SmmLocateProtocol (\r
                  &gEfiSmmVariableProtocolGuid,\r
                  NULL,\r
                  (VOID **) &mSmmVariable\r
                  );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  Status = gSmst->SmmLocateProtocol (\r
                  &gEdkiiSmmVarCheckProtocolGuid,\r
                  NULL,\r
                  (VOID **) &SmmVarCheck\r
                  );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  Status = MorLockDriverInit ();\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  Status = SmmVarCheck->SmmRegisterSetVariableCheckHandler (SetVariableCheckHandlerMor);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return Status;\r
}\r
\r
Commit	Line	Data
70c7664c JY	1	/** @file\r
70c7664c JY	2	TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper.\r
b3548d32 LG	3	\r
b3548d32 LG	4	Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
289b714b	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
70c7664c JY	6	\r
	7	**/\r
	8	\r
	9	#include <PiSmm.h>\r
	10	#include <Library/SmmServicesTableLib.h>\r
	11	#include <Library/DebugLib.h>\r
	12	#include <Protocol/SmmVarCheck.h>\r
	13	#include <Protocol/SmmVariable.h>\r
	14	#include "TcgMorLock.h"\r
	15	\r
	16	EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable;\r
	17	\r
	18	/**\r
	19	This service is a wrapper for the UEFI Runtime Service GetVariable().\r
	20	\r
	21	@param VariableName the name of the vendor's variable, it's a Null-Terminated Unicode String\r
	22	@param VendorGuid Unify identifier for vendor.\r
	23	@param Attributes Point to memory location to return the attributes of variable. If the point\r
	24	is NULL, the parameter would be ignored.\r
	25	@param DataSize As input, point to the maximum size of return Data-Buffer.\r
	26	As output, point to the actual size of the returned Data-Buffer.\r
	27	@param Data Point to return Data-Buffer.\r
	28	\r
	29	@retval EFI_SUCCESS The function completed successfully.\r
	30	@retval EFI_NOT_FOUND The variable was not found.\r
	31	@retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result. DataSize has\r
	32	been updated with the size needed to complete the request.\r
	33	@retval EFI_INVALID_PARAMETER VariableName is NULL.\r
	34	@retval EFI_INVALID_PARAMETER VendorGuid is NULL.\r
	35	@retval EFI_INVALID_PARAMETER DataSize is NULL.\r
	36	@retval EFI_INVALID_PARAMETER The DataSize is not too small and Data is NULL.\r
	37	@retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error.\r
	38	@retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure.\r
	39	**/\r
	40	EFI_STATUS\r
	41	EFIAPI\r
	42	InternalGetVariable (\r
	43	IN CHAR16 *VariableName,\r
	44	IN EFI_GUID *VendorGuid,\r
	45	OUT UINT32 *Attributes OPTIONAL,\r
	46	IN OUT UINTN *DataSize,\r
	47	OUT VOID *Data\r
	48	)\r
	49	{\r
	50	return mSmmVariable->SmmGetVariable (\r
	51	VariableName,\r
	52	VendorGuid,\r
	53	Attributes,\r
	54	DataSize,\r
	55	Data\r
	56	);\r
	57	}\r
	58	\r
	59	/**\r
	60	This service is a wrapper for the UEFI Runtime Service SetVariable()\r
	61	\r
	62	@param VariableName the name of the vendor's variable, as a\r
	63	Null-Terminated Unicode String\r
	64	@param VendorGuid Unify identifier for vendor.\r
	65	@param Attributes Point to memory location to return the attributes of variable. If the point\r
	66	is NULL, the parameter would be ignored.\r
	67	@param DataSize The size in bytes of Data-Buffer.\r
	68	@param Data Point to the content of the variable.\r
	69	\r
70	@retval EFI_SUCCESS The firmware has successfully stored the variable and its data as\r
71	defined by the Attributes.\r
72	@retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied, or the\r
73	DataSize exceeds the maximum allowed.\r
74	@retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.\r
75	@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data.\r
76	@retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure.\r
77	@retval EFI_WRITE_PROTECTED The variable in question is read-only.\r
78	@retval EFI_WRITE_PROTECTED The variable in question cannot be deleted.\r
0130fdde	79	@retval EFI_SECURITY_VIOLATION The variable could not be written due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS\r
70c7664c JY	80	set but the AuthInfo does NOT pass the validation check carried\r
	81	out by the firmware.\r
	82	@retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found.\r
	83	\r
	84	**/\r
	85	EFI_STATUS\r
	86	EFIAPI\r
	87	InternalSetVariable (\r
	88	IN CHAR16 *VariableName,\r
	89	IN EFI_GUID *VendorGuid,\r
	90	IN UINT32 Attributes,\r
	91	IN UINTN DataSize,\r
	92	IN VOID *Data\r
	93	)\r
	94	{\r
	95	return mSmmVariable->SmmSetVariable (\r
	96	VariableName,\r
	97	VendorGuid,\r
	98	Attributes,\r
	99	DataSize,\r
	100	Data\r
	101	);\r
	102	}\r
	103	\r
	104	/**\r
	105	Entry Point for MOR Lock Control driver.\r
	106	\r
	107	@param[in] ImageHandle The firmware allocated handle for the EFI image.\r
	108	@param[in] SystemTable A pointer to the EFI System Table.\r
	109	\r
	110	@retval EFI_SUCCESS EntryPoint runs successfully.\r
	111	\r
	112	**/\r
	113	EFI_STATUS\r
	114	EFIAPI\r
	115	MorLockDriverEntryPointSmm (\r
	116	IN EFI_HANDLE ImageHandle,\r
	117	IN EFI_SYSTEM_TABLE *SystemTable\r
	118	)\r
	119	{\r
	120	EFI_STATUS Status;\r
	121	EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck;\r
	122	\r
	123	//\r
	124	// This driver link to Smm Variable driver\r
	125	//\r
	126	DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n"));\r
b3548d32	127	\r
70c7664c JY	128	Status = gSmst->SmmLocateProtocol (\r
	129	&gEfiSmmVariableProtocolGuid,\r
	130	NULL,\r
	131	(VOID **) &mSmmVariable\r
	132	);\r
	133	ASSERT_EFI_ERROR (Status);\r
	134	\r
	135	Status = gSmst->SmmLocateProtocol (\r
	136	&gEdkiiSmmVarCheckProtocolGuid,\r
	137	NULL,\r
	138	(VOID **) &SmmVarCheck\r
	139	);\r
	140	ASSERT_EFI_ERROR (Status);\r
	141	\r
	142	Status = MorLockDriverInit ();\r
	143	if (EFI_ERROR (Status)) {\r
	144	return Status;\r
	145	}\r
	146	\r
	147	Status = SmmVarCheck->SmmRegisterSetVariableCheckHandler (SetVariableCheckHandlerMor);\r
	148	ASSERT_EFI_ERROR (Status);\r
	149	\r
	150	return Status;\r
	151	}\r
	152	\r