0c18794e 1/** @file\r
2 The sample implementation for SMM variable protocol. And this driver \r
3 implements an SMI handler to communicate with the DXE runtime driver \r
4 to provide variable services.\r
5\r
6 Caution: This module requires additional review when modified.\r
7 This driver will have external input - variable data and communicate buffer in SMM mode.\r
8 This external input must be validated carefully to avoid security issue like\r
9 buffer overflow, integer overflow.\r
10\r
11 SmmVariableHandler() will receive untrusted input and do basic validation.\r
12\r
13 Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(), \r
14 VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(), \r
15 SmmVariableGetStatistics() should also do validation based on its own knowledge.\r
16\r
17Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r
0c18794e 18This program and the accompanying materials \r
19are licensed and made available under the terms and conditions of the BSD License \r
20which accompanies this distribution. The full text of the license may be found at \r
21http://opensource.org/licenses/bsd-license.php\r
22\r
23THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
24WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
25\r
26**/\r
27\r
28#include <Protocol/SmmVariable.h>\r
29#include <Protocol/SmmFirmwareVolumeBlock.h>\r
30#include <Protocol/SmmFaultTolerantWrite.h>\r
25a4e71a 31#include <Protocol/SmmAccess2.h>\r
32\r
0c18794e 33#include <Library/SmmServicesTableLib.h>\r
34\r
35#include <Guid/AuthenticatedVariableFormat.h>\r
36#include <Guid/SmmVariableCommon.h>\r
37#include "Variable.h"\r
38\r
//
// SMRAM descriptor array and its element count. Both are filled in by
// VariableServiceInitialize() and walked by InternalIsAddressInSmram().
//
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;

//
// Head of the variable statistics list; read by SmmVariableGetStatistics().
//
extern VARIABLE_INFO_ENTRY *gVariableInfo;
//
// Handle used by SmmFtwNotificationEvent() to install gSmmVariableWriteGuid.
//
EFI_HANDLE mSmmVariableHandle = NULL;
//
// Handle used by VariableServiceInitialize() to install gEfiSmmVariableProtocolGuid
// through the boot services table.
//
EFI_HANDLE mVariableHandle = NULL;
//
// Set to TRUE by SmmVariableHandler() on SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE;
// nothing in this file sets it back to FALSE.
// NOTE(review): that request arrives through the communicate buffer, so the
// flag is switched by the non-SMM side - confirm that is the intended trust model.
//
BOOLEAN mAtRuntime = FALSE;
//
// All-zero GUID; SmmVariableGetStatistics() compares the caller's VendorGuid
// against it to detect a "return the first entry" request.
//
EFI_GUID mZeroGuid = {0, 0, 0, {0, 0, 0, 0, 0, 0, 0, 0}};

//
// SMM variable protocol instance installed by VariableServiceInitialize().
//
EFI_SMM_VARIABLE_PROTOCOL gSmmVariable = {
  VariableServiceGetVariable,
  VariableServiceGetNextVariableName,
  VariableServiceSetVariable,
  VariableServiceQueryVariableInfo
};
54\r
55\r
/**
  Report whether this driver has been switched to runtime mode.

  The answer is the current value of mAtRuntime, which SmmVariableHandler()
  sets to TRUE when it receives SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE.

  @retval TRUE   ExitBootServices () has been signalled to this driver.
  @retval FALSE  ExitBootServices () has not been signalled yet.
**/
BOOLEAN
AtRuntime (
  VOID
  )
{
  BOOLEAN  RuntimeReached;

  RuntimeReached = mAtRuntime;
  return RuntimeReached;
}
68\r
/**
  Check whether the range [Buffer, Buffer + Length) overlaps any SMRAM range
  recorded in mSmramRanges.

  A range overlaps when either its start lies inside an SMRAM range or an SMRAM
  range starts inside it. The sums below are computed without a wrap-around
  check; InternalIsAddressValid() performs that check before calling here.

  @param  Buffer  The start address of the range to be checked.
  @param  Length  The length in bytes of the range to be checked.

  @retval TRUE   The range overlaps SMRAM.
  @retval FALSE  The range does not overlap SMRAM.
**/
BOOLEAN
InternalIsAddressInSmram (
  IN EFI_PHYSICAL_ADDRESS  Buffer,
  IN UINT64                Length
  )
{
  UINTN                 Index;
  EFI_SMRAM_DESCRIPTOR  *Range;

  for (Index = 0; Index < mSmramRangeCount; Index++) {
    Range = &mSmramRanges[Index];

    //
    // Buffer starts inside this SMRAM range.
    //
    if ((Buffer >= Range->CpuStart) && (Buffer < Range->CpuStart + Range->PhysicalSize)) {
      return TRUE;
    }

    //
    // This SMRAM range starts inside [Buffer, Buffer + Length).
    //
    if ((Range->CpuStart >= Buffer) && (Range->CpuStart < Buffer + Length)) {
      return TRUE;
    }
  }

  return FALSE;
}
95\r
/**
  Check whether the range described by Buffer and Length is acceptable as an
  SMM communication buffer.

  The range is rejected when Buffer + Length would exceed MAX_ADDRESS, or when
  InternalIsAddressInSmram() reports that it overlaps SMRAM.

  @param  Buffer  The start address of the range to be checked.
  @param  Length  The length in bytes of the range to be checked.

  @retval TRUE   The range does not wrap and does not overlap SMRAM.
  @retval FALSE  The range wraps past MAX_ADDRESS or overlaps SMRAM.
**/
BOOLEAN
InternalIsAddressValid (
  IN UINTN  Buffer,
  IN UINTN  Length
  )
{
  //
  // Reject a range whose end would pass MAX_ADDRESS. This must come first:
  // the SMRAM overlap test adds Buffer and Length without checking for wrap.
  //
  if (Buffer > (MAX_ADDRESS - Length)) {
    return FALSE;
  }

  //
  // Valid only if the range stays clear of every SMRAM range.
  //
  return (BOOLEAN)!InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length);
}
25a4e71a 122\r
/**
  SMM stand-in for lock initialization.

  This implementation does not modify the lock and does not use Priority; it
  only hands the caller's pointer back. No ASSERT() is performed on either
  argument.

  @param  Lock      A pointer to the lock data structure. Returned unchanged.
  @param  Priority  EFI TPL associated with the lock. Not used here.

  @return The Lock pointer that was passed in.

**/
EFI_LOCK *
InitializeLock (
  IN OUT EFI_LOCK  *Lock,
  IN     EFI_TPL   Priority
  )
{
  EFI_LOCK  *SameLock;

  SameLock = Lock;
  return SameLock;
}
147\r
/**
  SMM stand-in for acquiring a lock at boot time.

  The body is empty in this file: no lock routine is called and Lock is not
  touched, at boot time or at runtime.

  @param  Lock  A pointer to the lock to acquire. Not used here.

**/
VOID
AcquireLockOnlyAtBootTime (
  IN EFI_LOCK  *Lock
  )
{
  //
  // Intentionally does nothing.
  //
  return;
}
167\r
168\r
/**
  SMM stand-in for releasing a lock at boot time.

  The body is empty in this file: no lock routine is called and Lock is not
  touched, at boot time or at runtime.

  @param  Lock  A pointer to the lock to release. Not used here.

**/
VOID
ReleaseLockOnlyAtBootTime (
  IN EFI_LOCK  *Lock
  )
{
  //
  // Intentionally does nothing.
  //
  return;
}
188\r
/**
  Retrieve the SMM Fault Tolerant Write protocol interface.

  The lookup is delegated to gSmst->SmmLocateProtocol() and its status is
  returned unchanged.

  @param[out] FtwProtocol       The interface of SMM Ftw protocol

  @retval EFI_SUCCESS           The SMM FTW protocol instance was found and returned in FtwProtocol.
  @retval EFI_NOT_FOUND         The SMM FTW protocol instance was not found.
  @retval EFI_INVALID_PARAMETER FtwProtocol is NULL.

**/
EFI_STATUS
GetFtwProtocol (
  OUT VOID  **FtwProtocol
  )
{
  //
  // Ask the SMM services table for the first FTW protocol instance.
  //
  return gSmst->SmmLocateProtocol (
                  &gEfiSmmFaultTolerantWriteProtocolGuid,
                  NULL,
                  FtwProtocol
                  );
}
216\r
217\r
/**
  Retrieve the SMM FVB protocol interface installed on a handle.

  The lookup is delegated to gSmst->SmmHandleProtocol() and its status is
  returned unchanged.

  @param[in]  FvBlockHandle     The handle of SMM FVB protocol that provides services for
                                reading, writing, and erasing the target block.
  @param[out] FvBlock           The interface of SMM FVB protocol

  @retval EFI_SUCCESS           The interface information for the specified protocol was returned.
  @retval EFI_UNSUPPORTED       The device does not support the SMM FVB protocol.
  @retval EFI_INVALID_PARAMETER FvBlockHandle is not a valid EFI_HANDLE or FvBlock is NULL.

**/
EFI_STATUS
GetFvbByHandle (
  IN  EFI_HANDLE                          FvBlockHandle,
  OUT EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL  **FvBlock
  )
{
  EFI_STATUS  Status;

  //
  // Query the handle for the SMM FVB protocol interface.
  //
  Status = gSmst->SmmHandleProtocol (
                    FvBlockHandle,
                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                    (VOID **) FvBlock
                    );

  return Status;
}
245\r
246\r
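/**
  Return an array of handles that support the SMM FVB protocol in a buffer
  allocated from pool.

  On success the caller owns *Buffer and is responsible for freeing it. On any
  failure *Buffer is NULL and *NumberHandles is 0, so there is nothing for the
  caller to free.

  @param[out]  NumberHandles    The number of handles returned in Buffer.
  @param[out]  Buffer           A pointer to the buffer to return the requested
                                array of handles that support SMM FVB protocol.

  @retval EFI_SUCCESS           The array of handles was returned in Buffer, and the number of
                                handles in Buffer was returned in NumberHandles.
  @retval EFI_NOT_FOUND         No SMM FVB handle was found.
  @retval EFI_OUT_OF_RESOURCES  There is not enough pool memory to store the matching results.
  @retval EFI_INVALID_PARAMETER NumberHandles is NULL or Buffer is NULL.
  @retval Others                The second SmmLocateHandle() call failed; its status is returned.

**/
EFI_STATUS
GetFvbCountAndBuffer (
  OUT UINTN       *NumberHandles,
  OUT EFI_HANDLE  **Buffer
  )
{
  EFI_STATUS  Status;
  UINTN       BufferSize;

  if ((NumberHandles == NULL) || (Buffer == NULL)) {
    return EFI_INVALID_PARAMETER;
  }

  BufferSize     = 0;
  *NumberHandles = 0;
  *Buffer        = NULL;

  //
  // First call with a zero-sized buffer only to learn the required size.
  // EFI_BUFFER_TOO_SMALL is the expected answer when handles exist.
  //
  Status = gSmst->SmmLocateHandle (
                    ByProtocol,
                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                    NULL,
                    &BufferSize,
                    *Buffer
                    );
  if (EFI_ERROR(Status) && Status != EFI_BUFFER_TOO_SMALL) {
    return EFI_NOT_FOUND;
  }

  *Buffer = AllocatePool (BufferSize);
  if (*Buffer == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  Status = gSmst->SmmLocateHandle (
                    ByProtocol,
                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                    NULL,
                    &BufferSize,
                    *Buffer
                    );
  if (EFI_ERROR(Status)) {
    //
    // Release the allocation instead of handing back a buffer with a zero
    // count; otherwise the pool memory is lost whenever the caller only
    // looks at the status.
    //
    FreePool (*Buffer);
    *Buffer = NULL;
    return Status;
  }

  *NumberHandles = BufferSize / sizeof(EFI_HANDLE);

  return Status;
}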
309\r
310\r
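/**
  Get the variable statistics information from the information buffer pointed by gVariableInfo.

  Caution: This function may be invoked at SMM runtime.
  InfoEntry and InfoSize are external input. InfoEntry points into the
  communicate buffer, so everything read from it is untrusted:
    - the name that follows the entry is never measured with StrSize(); it is
      only compared over a length that is known to fit inside *InfoSize;
    - VendorGuid is copied to a local once and the copy is used for every
      comparison, so its value cannot change between checks.

  NOTE(review): entries are copied out with CopyMem() over the whole
  VARIABLE_INFO_ENTRY, so pointer members (Next is one) reach the caller's
  buffer with their SMM-side values - confirm whether that is acceptable.

  @param[in, out]  InfoEntry    A pointer to the buffer of variable information entry.
                                On input, point to the variable information returned last time. if
                                InfoEntry->VendorGuid is zero, return the first information.
                                On output, point to the next variable information.
  @param[in, out]  InfoSize     On input, the size of the variable information buffer.
                                On output, the returned variable information size.

  @retval EFI_SUCCESS           The variable information is found and returned successfully.
                                *InfoSize is 0 when there is no further entry.
  @retval EFI_UNSUPPORTED       No variable information exists in variable driver. The
                                PcdVariableCollectStatistics should be set TRUE to support it.
  @retval EFI_BUFFER_TOO_SMALL  The buffer is too small to hold the next variable information.
  @retval EFI_INVALID_PARAMETER InfoEntry or InfoSize is NULL.

**/
EFI_STATUS
SmmVariableGetStatistics (
  IN OUT VARIABLE_INFO_ENTRY  *InfoEntry,
  IN OUT UINTN                *InfoSize
  )
{
  VARIABLE_INFO_ENTRY  *VariableInfo;
  UINTN                NameLength;
  UINTN                StatisticsInfoSize;
  UINTN                InfoNameMaxSize;
  CHAR16               *InfoName;
  EFI_GUID             VendorGuid;

  if ((InfoEntry == NULL) || (InfoSize == NULL)) {
    return EFI_INVALID_PARAMETER;
  }

  VariableInfo = gVariableInfo;
  if (VariableInfo == NULL) {
    return EFI_UNSUPPORTED;
  }

  StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize (VariableInfo->Name);
  if (*InfoSize < StatisticsInfoSize) {
    *InfoSize = StatisticsInfoSize;
    return EFI_BUFFER_TOO_SMALL;
  }
  InfoName = (CHAR16 *)(InfoEntry + 1);

  //
  // Number of bytes available for the caller's name. The check above
  // guarantees *InfoSize >= sizeof (VARIABLE_INFO_ENTRY), so this cannot wrap.
  //
  InfoNameMaxSize = *InfoSize - sizeof (VARIABLE_INFO_ENTRY);

  //
  // Take one snapshot of the caller's GUID; InfoEntry lives in memory the
  // caller can still write to.
  //
  CopyMem (&VendorGuid, &InfoEntry->VendorGuid, sizeof (EFI_GUID));

  if (CompareGuid (&VendorGuid, &mZeroGuid)) {
    //
    // Return the first variable info
    //
    CopyMem (InfoEntry, VariableInfo, sizeof (VARIABLE_INFO_ENTRY));
    CopyMem (InfoName, VariableInfo->Name, StrSize (VariableInfo->Name));
    *InfoSize = StatisticsInfoSize;
    return EFI_SUCCESS;
  }

  //
  // Get the next variable info
  //
  while (VariableInfo != NULL) {
    if (CompareGuid (&VariableInfo->VendorGuid, &VendorGuid)) {
      NameLength = StrSize (VariableInfo->Name);
      //
      // Compare over the stored name's size, terminator included, and only
      // when that many bytes fit in the caller's buffer. A match therefore
      // implies the caller's name is terminated at the same position, without
      // scanning the caller's buffer for a terminator.
      //
      if (NameLength <= InfoNameMaxSize) {
        if (CompareMem (VariableInfo->Name, InfoName, NameLength) == 0) {
          //
          // Find the match one
          //
          VariableInfo = VariableInfo->Next;
          break;
        }
      }
    }
    VariableInfo = VariableInfo->Next;
  }

  if (VariableInfo == NULL) {
    *InfoSize = 0;
    return EFI_SUCCESS;
  }

  //
  // Output the new variable info
  //
  StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize (VariableInfo->Name);
  if (*InfoSize < StatisticsInfoSize) {
    *InfoSize = StatisticsInfoSize;
    return EFI_BUFFER_TOO_SMALL;
  }

  CopyMem (InfoEntry, VariableInfo, sizeof (VARIABLE_INFO_ENTRY));
  CopyMem (InfoName, VariableInfo->Name, StrSize (VariableInfo->Name));
  *InfoSize = StatisticsInfoSize;

  return EFI_SUCCESS;
}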
407\r
408\r
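/**
  Communication service SMI Handler entry.

  This SMI handler provides services for the variable wrapper driver.

  Caution: This function may receive untrusted input.
  The communicate buffer and the variable data in it are external input, so this
  function does basic validation before dispatching:
    - the buffer must hold at least the communicate header;
    - the buffer range must not wrap and must not overlap SMRAM;
    - the sizes declared in each request must fit in the payload, and their sum
      must not overflow;
    - variable names must be Null-terminated inside the buffer.
  Each sub function VariableServiceGetVariable(), VariableServiceGetNextVariableName(),
  VariableServiceSetVariable(), VariableServiceQueryVariableInfo(), ReclaimForOS(),
  SmmVariableGetStatistics() should also do validation based on its own knowledge.

  *CommBufferSize is read once into a local copy and every bounds check uses
  that copy. The GET_STATISTICS case tests whether CommBufferSize itself lies in
  SMRAM, so the pointer is treated here as memory that may change while the
  handler runs; re-reading it after the header-size check could make the
  payload-size subtraction wrap.

  NOTE(review): NameSize, DataSize, the name and the data are still used in
  place in the communicate buffer after they have been validated. Closing that
  window needs the payload copied into SMRAM first, which requires a buffer
  this function does not own - track separately.

  @param[in]     DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().
  @param[in]     RegisterContext Points to an optional handler context which was specified when the
                                 handler was registered.
  @param[in, out] CommBuffer     A pointer to a collection of data in memory that will
                                 be conveyed from a non-SMM environment into an SMM environment.
  @param[in, out] CommBufferSize The size of the CommBuffer.

  @retval EFI_SUCCESS            Always returned. When the buffer passes the initial checks, the
                                 result of the requested function is stored in the ReturnStatus
                                 field of the communicate header; when it does not, the buffer is
                                 left untouched.

**/
EFI_STATUS
EFIAPI
SmmVariableHandler (
  IN     EFI_HANDLE  DispatchHandle,
  IN     CONST VOID  *RegisterContext,
  IN OUT VOID        *CommBuffer,
  IN OUT UINTN       *CommBufferSize
  )
{
  EFI_STATUS                                       Status;
  SMM_VARIABLE_COMMUNICATE_HEADER                  *SmmVariableFunctionHeader;
  SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE         *SmmVariableHeader;
  SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME  *GetNextVariableName;
  SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO     *QueryVariableInfo;
  VARIABLE_INFO_ENTRY                              *VariableInfo;
  UINTN                                            InfoSize;
  UINTN                                            NameBufferSize;
  UINTN                                            TempCommBufferSize;
  UINTN                                            CommBufferPayloadSize;

  //
  // If input is invalid, stop processing this SMI
  //
  if (CommBuffer == NULL || CommBufferSize == NULL) {
    return EFI_SUCCESS;
  }

  //
  // Single read of the caller-supplied size; all checks below use this copy.
  //
  TempCommBufferSize = *CommBufferSize;

  if (TempCommBufferSize < SMM_VARIABLE_COMMUNICATE_HEADER_SIZE) {
    return EFI_SUCCESS;
  }
  CommBufferPayloadSize = TempCommBufferSize - SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;

  if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
    DEBUG ((EFI_D_ERROR, "SMM communication buffer in SMRAM or overflow!\n"));
    return EFI_SUCCESS;
  }

  SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;

  switch (SmmVariableFunctionHeader->Function) {
    case SMM_VARIABLE_FUNCTION_GET_VARIABLE:
      SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) SmmVariableFunctionHeader->Data;
      if (((UINTN)(~0) - SmmVariableHeader->DataSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) ||
         ((UINTN)(~0) - SmmVariableHeader->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + SmmVariableHeader->DataSize)) {
        //
        // Prevent InfoSize overflow happen
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }
      InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)
                 + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize;

      //
      // SMRAM range check already covered before
      //
      if (InfoSize > CommBufferPayloadSize) {
        DEBUG ((EFI_D_ERROR, "Data size exceed communication buffer size limit!\n"));
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure VariableName is A Null-terminated string.
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      //
      // The data area starts right after the name inside the same buffer.
      //
      Status = VariableServiceGetVariable (
                 SmmVariableHeader->Name,
                 &SmmVariableHeader->Guid,
                 &SmmVariableHeader->Attributes,
                 &SmmVariableHeader->DataSize,
                 (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize
                 );
      break;

    case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME:
      GetNextVariableName = (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *) SmmVariableFunctionHeader->Data;
      if ((UINTN)(~0) - GetNextVariableName->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
        //
        // Prevent InfoSize overflow happen
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }
      InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + GetNextVariableName->NameSize;

      //
      // SMRAM range check already covered before
      //
      if (InfoSize > CommBufferPayloadSize) {
        DEBUG ((EFI_D_ERROR, "Data size exceed communication buffer size limit!\n"));
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      //
      // The check above implies the payload is at least as large as the offset
      // of Name, so this subtraction cannot wrap.
      //
      NameBufferSize = CommBufferPayloadSize - OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name);
      if (NameBufferSize < sizeof (CHAR16) || GetNextVariableName->Name[NameBufferSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure input VariableName is A Null-terminated string.
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      Status = VariableServiceGetNextVariableName (
                 &GetNextVariableName->NameSize,
                 GetNextVariableName->Name,
                 &GetNextVariableName->Guid
                 );
      break;

    case SMM_VARIABLE_FUNCTION_SET_VARIABLE:
      SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) SmmVariableFunctionHeader->Data;
      if (((UINTN)(~0) - SmmVariableHeader->DataSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) ||
         ((UINTN)(~0) - SmmVariableHeader->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + SmmVariableHeader->DataSize)) {
        //
        // Prevent InfoSize overflow happen
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }
      InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)
                 + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize;

      //
      // SMRAM range check already covered before
      // Data buffer should not contain SMM range
      //
      if (InfoSize > CommBufferPayloadSize) {
        DEBUG ((EFI_D_ERROR, "Data size exceed communication buffer size limit!\n"));
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure VariableName is A Null-terminated string.
        //
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      Status = VariableServiceSetVariable (
                 SmmVariableHeader->Name,
                 &SmmVariableHeader->Guid,
                 SmmVariableHeader->Attributes,
                 SmmVariableHeader->DataSize,
                 (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize
                 );
      break;

    case SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO:
      QueryVariableInfo = (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *) SmmVariableFunctionHeader->Data;
      InfoSize = sizeof(SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO);

      //
      // SMRAM range check already covered before
      //
      if (InfoSize > CommBufferPayloadSize) {
        DEBUG ((EFI_D_ERROR, "Data size exceed communication buffer size limit!\n"));
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      Status = VariableServiceQueryVariableInfo (
                 QueryVariableInfo->Attributes,
                 &QueryVariableInfo->MaximumVariableStorageSize,
                 &QueryVariableInfo->RemainingVariableStorageSize,
                 &QueryVariableInfo->MaximumVariableSize
                 );
      break;

    case SMM_VARIABLE_FUNCTION_READY_TO_BOOT:
      //
      // Reclaim is only offered before the switch to runtime.
      //
      if (AtRuntime()) {
        Status = EFI_UNSUPPORTED;
        break;
      }
      ReclaimForOS ();
      Status = EFI_SUCCESS;
      break;

    case SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE:
      mAtRuntime = TRUE;
      Status     = EFI_SUCCESS;
      break;

    case SMM_VARIABLE_FUNCTION_GET_STATISTICS:
      VariableInfo = (VARIABLE_INFO_ENTRY *) SmmVariableFunctionHeader->Data;
      InfoSize     = CommBufferPayloadSize;

      //
      // Do not need to check SmmVariableFunctionHeader->Data in SMRAM here.
      // It is covered by previous CommBuffer check
      //

      //
      // This case writes through CommBufferSize below, so the pointer itself
      // must not refer to SMRAM.
      //
      if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
        DEBUG ((EFI_D_ERROR, "SMM communication buffer in SMRAM!\n"));
        Status = EFI_ACCESS_DENIED;
        goto EXIT;
      }

      Status = SmmVariableGetStatistics (VariableInfo, &InfoSize);
      *CommBufferSize = InfoSize + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE;
      break;

    default:
      Status = EFI_UNSUPPORTED;
  }

EXIT:

  //
  // The per-request result travels back in the communicate header; the SMI
  // itself is always reported as handled.
  //
  SmmVariableFunctionHeader->ReturnStatus = Status;
  return EFI_SUCCESS;
}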
651\r
652\r
/**
  SMM Fault Tolerant Write protocol notification event handler.

  Non-Volatile variable write may need the FTW protocol to reclaim when
  writing a variable. Once the FTW protocol and the FVB protocol that covers
  the variable store are both available, this function records the FVB
  instance, initializes the variable write service and installs
  gSmmVariableWriteGuid to announce that writes are ready.

  The body does not reference Protocol, Interface or Handle;
  VariableServiceInitialize() also calls this function directly with all three
  set to NULL.

  @param  Protocol   Points to the protocol's unique identifier
  @param  Interface  Points to the interface instance
  @param  Handle     The handle on which the interface was installed

  @retval EFI_SUCCESS       The FVB instance was already recorded, or setup completed.
  @retval EFI_NOT_FOUND     The Fvb protocol for variable is not found.
  @retval Others            GetFtwProtocol() failed; its status is returned.

 **/
EFI_STATUS
EFIAPI
SmmFtwNotificationEvent (
  IN CONST EFI_GUID *Protocol,
  IN VOID *Interface,
  IN EFI_HANDLE Handle
  )
{
  EFI_STATUS Status;
  EFI_SMM_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol;
  EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL *FtwProtocol;
  EFI_PHYSICAL_ADDRESS NvStorageVariableBase;

  //
  // Setup already happened on an earlier call; nothing to do.
  //
  if (mVariableModuleGlobal->FvbInstance != NULL) {
    return EFI_SUCCESS;
  }

  //
  // Ensure SMM FTW protocol is installed.
  // FtwProtocol is only used as proof of presence; it is not read afterwards.
  //
  Status = GetFtwProtocol ((VOID **)&FtwProtocol);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Find the proper FVB protocol for variable.
  // The 64-bit PCD takes precedence; the 32-bit PCD is the fallback when it is 0.
  //
  NvStorageVariableBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);
  if (NvStorageVariableBase == 0) {
    NvStorageVariableBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);
  }
  Status = GetFvbInfoByAddress (NvStorageVariableBase, NULL, &FvbProtocol);
  if (EFI_ERROR (Status)) {
    return EFI_NOT_FOUND;
  }

  mVariableModuleGlobal->FvbInstance = FvbProtocol;

  //
  // NOTE(review): a failure here is only caught by ASSERT_EFI_ERROR. If
  // assertions are disabled in the build, execution continues and the
  // write-ready protocol below is still installed - confirm this is intended.
  //
  Status = VariableWriteServiceInitialize ();
  ASSERT_EFI_ERROR (Status);

  //
  // Notify the variable wrapper driver the variable write service is ready
  //
  Status = gBS->InstallProtocolInterface (
                  &mSmmVariableHandle,
                  &gSmmVariableWriteGuid,
                  EFI_NATIVE_INTERFACE,
                  NULL
                  );
  ASSERT_EFI_ERROR (Status);

  return EFI_SUCCESS;
}
722\r
723\r
/**
  Variable Driver main entry point.

  In the order the code runs, this function:
    - calls VariableCommonInitialize();
    - installs gSmmVariable under gEfiSmmVariableProtocolGuid in the SMM protocol database;
    - queries the SMM Access2 protocol for the SMRAM descriptors and stores them in
      mSmramRanges / mSmramRangeCount, which InternalIsAddressInSmram() relies on;
    - registers SmmVariableHandler() as the SMI handler for gEfiSmmVariableProtocolGuid;
    - installs gEfiSmmVariableProtocolGuid through the boot services table to tell the
      variable wrapper driver the service is ready;
    - registers SmmFtwNotificationEvent() for the SMM FTW protocol and calls it once directly.

  NOTE(review): every step is checked only with ASSERT()/ASSERT_EFI_ERROR(). If
  assertions are disabled in the build, a failed SMRAM query would leave
  mSmramRanges / mSmramRangeCount unusable while the SMI handler is still
  registered, and the SMRAM overlap check on the communicate buffer depends on
  them - confirm how release builds are expected to behave.

  @param[in] ImageHandle    The firmware allocated handle for the EFI image.
  @param[in] SystemTable    A pointer to the EFI System Table.

  @retval EFI_SUCCESS       Variable service successfully initialized. This is the only
                            value the function returns.

**/
EFI_STATUS
EFIAPI
VariableServiceInitialize (
  IN EFI_HANDLE ImageHandle,
  IN EFI_SYSTEM_TABLE *SystemTable
  )
{
  EFI_STATUS Status;
  EFI_HANDLE VariableHandle;
  VOID *SmmFtwRegistration;
  EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
  UINTN Size;

  //
  // Variable initialize.
  //
  Status = VariableCommonInitialize ();
  ASSERT_EFI_ERROR (Status);

  //
  // Install the Smm Variable Protocol on a new handle.
  //
  VariableHandle = NULL;
  Status = gSmst->SmmInstallProtocolInterface (
                    &VariableHandle,
                    &gEfiSmmVariableProtocolGuid,
                    EFI_NATIVE_INTERFACE,
                    &gSmmVariable
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // Get SMRAM information
  //
  Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
  ASSERT_EFI_ERROR (Status);

  //
  // First call with a zero size only to learn how many bytes the descriptor
  // array needs; EFI_BUFFER_TOO_SMALL is the expected answer.
  //
  Size = 0;
  Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
  ASSERT (Status == EFI_BUFFER_TOO_SMALL);

  Status = gSmst->SmmAllocatePool (
                    EfiRuntimeServicesData,
                    Size,
                    (VOID **)&mSmramRanges
                    );
  ASSERT_EFI_ERROR (Status);

  Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
  ASSERT_EFI_ERROR (Status);

  mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);

  //
  // Register SMM variable SMI handler.
  // This comes after the SMRAM ranges are recorded, which the handler's
  // buffer validation reads.
  //
  VariableHandle = NULL;
  Status = gSmst->SmiHandlerRegister (SmmVariableHandler, &gEfiSmmVariableProtocolGuid, &VariableHandle);
  ASSERT_EFI_ERROR (Status);

  //
  // Notify the variable wrapper driver the variable service is ready
  //
  Status = SystemTable->BootServices->InstallProtocolInterface (
                                        &mVariableHandle,
                                        &gEfiSmmVariableProtocolGuid,
                                        EFI_NATIVE_INTERFACE,
                                        &gSmmVariable
                                        );
  ASSERT_EFI_ERROR (Status);

  //
  // Register FtwNotificationEvent () notify function.
  //
  Status = gSmst->SmmRegisterProtocolNotify (
                    &gEfiSmmFaultTolerantWriteProtocolGuid,
                    SmmFtwNotificationEvent,
                    &SmmFtwRegistration
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // Run the notification once by hand; its return value is not checked here.
  //
  SmmFtwNotificationEvent (NULL, NULL, NULL);

  return EFI_SUCCESS;
}
821\r
822\r