1. Enhance AuthVar driver to avoid process corrupted certificate input.
1 /** @file
2 The sample implementation for SMM variable protocol. And this driver
3 implements an SMI handler to communicate with the DXE runtime driver
4 to provide variable services.
5
6 Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
7 This program and the accompanying materials
8 are licensed and made available under the terms and conditions of the BSD License
9 which accompanies this distribution. The full text of the license may be found at
10 http://opensource.org/licenses/bsd-license.php
11
12 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
13 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
14
15 **/
16
17 #include <Protocol/SmmVariable.h>
18 #include <Protocol/SmmFirmwareVolumeBlock.h>
19 #include <Protocol/SmmFaultTolerantWrite.h>
20 #include <Library/SmmServicesTableLib.h>
21
22 #include <Guid/AuthenticatedVariableFormat.h>
23 #include <Guid/SmmVariableCommon.h>
24 #include "Variable.h"
25
//
// Head of the variable statistics list walked by SmmVariableGetStatistics().
// Declared extern here; the definition is not in this file.
//
extern VARIABLE_INFO_ENTRY  *gVariableInfo;

//
// Handles on which this driver installs its protocol interfaces.
//
EFI_HANDLE  mSmmVariableHandle = NULL;
EFI_HANDLE  mVariableHandle    = NULL;

//
// Set to TRUE by SmmVariableHandler() when it receives
// SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE; read back through AtRuntime().
//
BOOLEAN  mAtRuntime = FALSE;

//
// All-zero GUID. SmmVariableGetStatistics() compares the caller's VendorGuid
// against it to recognize a request for the first statistics entry.
//
EFI_GUID  mZeroGuid = { 0, 0, 0, { 0, 0, 0, 0, 0, 0, 0, 0 } };

//
// SMM variable protocol instance: the four variable services, in protocol order.
//
EFI_SMM_VARIABLE_PROTOCOL  gSmmVariable = {
  VariableServiceGetVariable,
  VariableServiceGetNextVariableName,
  VariableServiceSetVariable,
  VariableServiceQueryVariableInfo
};
38
39
/**
  Report whether this driver has been told that boot services have ended.

  The answer is the current value of mAtRuntime, which SmmVariableHandler()
  sets when it receives SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE.

  @retval TRUE   The exit-boot-services function code has been received.
  @retval FALSE  The exit-boot-services function code has not been received.
**/
BOOLEAN
AtRuntime (
  VOID
  )
{
  BOOLEAN  RuntimeReached;

  RuntimeReached = mAtRuntime;
  return RuntimeReached;
}
52
/**
  Lock-initialization stand-in used by the SMM build of the variable driver.

  This implementation neither modifies the lock nor uses Priority, and it
  performs no validation (no ASSERT on a NULL Lock or on the TPL value).
  It only hands the caller's pointer back so shared code can keep calling it.

  @param  Lock      Pointer to the lock structure; returned unchanged.
  @param  Priority  TPL the caller associates with the lock; ignored here.

  @return The Lock pointer that was passed in.
**/
EFI_LOCK *
InitializeLock (
  IN OUT EFI_LOCK  *Lock,
  IN     EFI_TPL   Priority
  )
{
  //
  // Nothing to initialize in this implementation.
  //
  return Lock;
}
77
/**
  Lock-acquire stand-in used by the SMM build of the variable driver.

  The body is empty: the lock is not touched, whether or not boot services
  are still available. The function exists so code shared with the non-SMM
  driver can call it unconditionally.

  NOTE(review): presumably no lock is needed because SMI handling is not
  interleaved with TPL-based callers -- confirm against the SMM core in use.

  @param  Lock  Pointer to the lock the caller wants to acquire; ignored.
**/
VOID
AcquireLockOnlyAtBootTime (
  IN EFI_LOCK  *Lock
  )
{
  //
  // Intentionally a no-op.
  //
  return;
}
97
98
/**
  Lock-release stand-in used by the SMM build of the variable driver.

  The body is empty: the lock is not touched, whether or not boot services
  are still available. It is the counterpart of AcquireLockOnlyAtBootTime(),
  which is also a no-op in this file.

  @param  Lock  Pointer to the lock the caller wants to release; ignored.
**/
VOID
ReleaseLockOnlyAtBootTime (
  IN EFI_LOCK  *Lock
  )
{
  //
  // Intentionally a no-op.
  //
  return;
}
118
/**
  Retrieve the SMM Fault Tolerant Write protocol interface.

  Thin wrapper around gSmst->SmmLocateProtocol() with a NULL registration key;
  the status of that call is returned unchanged.

  @param[out] FtwProtocol  Receives the SMM FTW protocol interface.

  @retval EFI_SUCCESS            The SMM FTW protocol instance was found and returned in FtwProtocol.
  @retval EFI_NOT_FOUND          The SMM FTW protocol instance was not found.
  @retval EFI_INVALID_PARAMETER  FtwProtocol is NULL.
**/
EFI_STATUS
GetFtwProtocol (
  OUT VOID  **FtwProtocol
  )
{
  //
  // Look the protocol up in the SMM protocol database and pass the result
  // straight back to the caller.
  //
  return gSmst->SmmLocateProtocol (
                  &gEfiSmmFaultTolerantWriteProtocolGuid,
                  NULL,
                  FtwProtocol
                  );
}
146
147
/**
  Retrieve the SMM Firmware Volume Block protocol interface from a handle.

  Thin wrapper around gSmst->SmmHandleProtocol(); the status of that call is
  returned unchanged.

  @param[in]  FvBlockHandle  Handle expected to carry the SMM FVB protocol, which
                             provides read, write and erase services for the target block.
  @param[out] FvBlock        Receives the SMM FVB protocol interface.

  @retval EFI_SUCCESS            The interface for the specified protocol was returned.
  @retval EFI_UNSUPPORTED        The handle does not support the SMM FVB protocol.
  @retval EFI_INVALID_PARAMETER  FvBlockHandle is not a valid EFI_HANDLE or FvBlock is NULL.
**/
EFI_STATUS
GetFvbByHandle (
  IN  EFI_HANDLE                          FvBlockHandle,
  OUT EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL  **FvBlock
  )
{
  EFI_STATUS  LookupStatus;

  //
  // Query the SMM protocol database for the FVB interface on this handle.
  //
  LookupStatus = gSmst->SmmHandleProtocol (
                          FvBlockHandle,
                          &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                          (VOID **) FvBlock
                          );

  return LookupStatus;
}
175
176
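/**
  Return an array of handles that support the SMM FVB protocol, in a buffer
  allocated from pool.

  The function asks SmmLocateHandle() for the required size with an empty
  buffer, allocates that many bytes, and then calls SmmLocateHandle() again to
  fill the buffer. On success the caller owns *Buffer. On any failure *Buffer
  is NULL and *NumberHandles is 0, so the caller never receives a pointer to
  a buffer whose contents were not filled in.

  @param[out] NumberHandles  The number of handles returned in Buffer.
  @param[out] Buffer         Receives the pool-allocated array of handles that
                             support the SMM FVB protocol.

  @retval EFI_SUCCESS            The array of handles was returned in Buffer, and the number of
                                 handles in Buffer was returned in NumberHandles.
  @retval EFI_NOT_FOUND          No SMM FVB handle was found.
  @retval EFI_OUT_OF_RESOURCES   There is not enough pool memory to store the matching results.
  @retval EFI_INVALID_PARAMETER  NumberHandles is NULL or Buffer is NULL.
**/
EFI_STATUS
GetFvbCountAndBuffer (
  OUT UINTN       *NumberHandles,
  OUT EFI_HANDLE  **Buffer
  )
{
  EFI_STATUS  Status;
  UINTN       BufferSize;

  if ((NumberHandles == NULL) || (Buffer == NULL)) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // Size probe: with BufferSize == 0 the call is expected to fail with
  // EFI_BUFFER_TOO_SMALL and report the required size in BufferSize.
  //
  BufferSize     = 0;
  *NumberHandles = 0;
  *Buffer        = NULL;
  Status = gSmst->SmmLocateHandle (
                    ByProtocol,
                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                    NULL,
                    &BufferSize,
                    *Buffer
                    );
  if (EFI_ERROR (Status) && (Status != EFI_BUFFER_TOO_SMALL)) {
    return EFI_NOT_FOUND;
  }

  *Buffer = AllocatePool (BufferSize);
  if (*Buffer == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  Status = gSmst->SmmLocateHandle (
                    ByProtocol,
                    &gEfiSmmFirmwareVolumeBlockProtocolGuid,
                    NULL,
                    &BufferSize,
                    *Buffer
                    );
  if (EFI_ERROR (Status)) {
    //
    // The buffer was never filled. Release it and clear the output pointer so
    // the allocation is not leaked and the caller cannot use stale pool memory.
    //
    FreePool (*Buffer);
    *Buffer        = NULL;
    *NumberHandles = 0;
    return Status;
  }

  *NumberHandles = BufferSize / sizeof (EFI_HANDLE);

  return Status;
}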
239
240
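/**
  Get the variable statistics information from the list pointed to by gVariableInfo.

  The caller's buffer holds one VARIABLE_INFO_ENTRY immediately followed by the
  variable name. When this function is reached from SmmVariableHandler() that
  buffer is part of the communication buffer, so its contents are not trusted:
  every read of the caller's name and every copy into the buffer is bounded by
  *InfoSize.

  NOTE(review): the entry is copied out with CopyMem() as a whole, so the caller
  also receives the entry's Next link (and Name, if that field is a pointer).
  Confirm whether those values should be visible to the caller.

  @param[in, out] InfoEntry  A pointer to the buffer of variable information entry.
                             On input, the entry returned by the previous call; if
                             InfoEntry->VendorGuid is zero, the first entry is returned.
                             On output, the next variable information entry.
  @param[in, out] InfoSize   On input, the size of the variable information buffer.
                             On output, the returned variable information size, the
                             required size when EFI_BUFFER_TOO_SMALL is returned, or 0
                             when there is no further entry.

  @retval EFI_SUCCESS            The variable information is found and returned successfully.
  @retval EFI_UNSUPPORTED        No variable information exists in variable driver. The
                                 PcdVariableCollectStatistics should be set TRUE to support it.
  @retval EFI_BUFFER_TOO_SMALL   The buffer is too small to hold the next variable information.
  @retval EFI_INVALID_PARAMETER  InfoEntry or InfoSize is NULL.
**/
EFI_STATUS
SmmVariableGetStatistics (
  IN OUT VARIABLE_INFO_ENTRY  *InfoEntry,
  IN OUT UINTN                *InfoSize
  )
{
  VARIABLE_INFO_ENTRY  *VariableInfo;
  UINTN                NameLength;
  UINTN                StatisticsInfoSize;
  UINTN                CallerNameCapacity;
  CHAR16               *InfoName;

  if ((InfoEntry == NULL) || (InfoSize == NULL)) {
    return EFI_INVALID_PARAMETER;
  }

  VariableInfo = gVariableInfo;
  if (VariableInfo == NULL) {
    return EFI_UNSUPPORTED;
  }

  //
  // The fixed-size part must fit before InfoEntry->VendorGuid can be read.
  //
  StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize (VariableInfo->Name);
  if (*InfoSize < sizeof (VARIABLE_INFO_ENTRY)) {
    *InfoSize = StatisticsInfoSize;
    return EFI_BUFFER_TOO_SMALL;
  }
  InfoName           = (CHAR16 *)(InfoEntry + 1);
  CallerNameCapacity = *InfoSize - sizeof (VARIABLE_INFO_ENTRY);

  if (CompareGuid (&InfoEntry->VendorGuid, &mZeroGuid)) {
    //
    // Return the first variable info, but only if the entry AND its name fit.
    // Without this check the name copy below could run past the caller's buffer.
    //
    if (*InfoSize < StatisticsInfoSize) {
      *InfoSize = StatisticsInfoSize;
      return EFI_BUFFER_TOO_SMALL;
    }
    CopyMem (InfoEntry, VariableInfo, sizeof (VARIABLE_INFO_ENTRY));
    CopyMem (InfoName, VariableInfo->Name, StrSize (VariableInfo->Name));
    *InfoSize = StatisticsInfoSize;
    return EFI_SUCCESS;
  }

  //
  // Get the next variable info
  //
  while (VariableInfo != NULL) {
    if (CompareGuid (&VariableInfo->VendorGuid, &InfoEntry->VendorGuid)) {
      NameLength = StrSize (VariableInfo->Name);
      //
      // NameLength includes the terminator of the stored name, so a byte-wise
      // match over NameLength bytes implies the caller's name has the same
      // length. Comparing this way avoids calling StrSize() on the caller's
      // name, which might not be terminated inside the buffer.
      //
      if ((NameLength <= CallerNameCapacity) &&
          (CompareMem (VariableInfo->Name, InfoName, NameLength) == 0)) {
        //
        // Found the entry the caller already has; step to its successor.
        //
        VariableInfo = VariableInfo->Next;
        break;
      }
    }
    VariableInfo = VariableInfo->Next;
  }

  if (VariableInfo == NULL) {
    //
    // End of list (or no match): report an empty result.
    //
    *InfoSize = 0;
    return EFI_SUCCESS;
  }

  //
  // Output the new variable info
  //
  StatisticsInfoSize = sizeof (VARIABLE_INFO_ENTRY) + StrSize (VariableInfo->Name);
  if (*InfoSize < StatisticsInfoSize) {
    *InfoSize = StatisticsInfoSize;
    return EFI_BUFFER_TOO_SMALL;
  }

  CopyMem (InfoEntry, VariableInfo, sizeof (VARIABLE_INFO_ENTRY));
  CopyMem (InfoName, VariableInfo->Name, StrSize (VariableInfo->Name));
  *InfoSize = StatisticsInfoSize;

  return EFI_SUCCESS;
}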
334
335
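/**
  Check the size fields of a get/set-variable request against the payload size.

  The request lives in the communication buffer, which is filled outside SMM,
  so NameSize and DataSize are read once into the caller's locals and only
  those copies are used afterwards.

  @param[in]  Header       The access-variable request inside the payload.
  @param[in]  PayloadSize  Number of payload bytes that follow the function header.
  @param[out] NameSize     Receives the validated name size in bytes.
  @param[out] DataSize     Receives the validated data size in bytes.

  @retval TRUE   The fixed fields, the name and the data area all fit in the
                 payload and the name ends with a NUL character.
  @retval FALSE  The request does not fit or the name is not terminated.
**/
STATIC
BOOLEAN
IsAccessVariableRequestValid (
  IN  SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE  *Header,
  IN  UINTN                                     PayloadSize,
  OUT UINTN                                     *NameSize,
  OUT UINTN                                     *DataSize
  )
{
  UINTN  Remaining;

  if (PayloadSize < OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
    return FALSE;
  }
  Remaining = PayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name);

  *NameSize = Header->NameSize;
  *DataSize = Header->DataSize;

  //
  // Subtraction-based comparisons so NameSize + DataSize cannot wrap.
  //
  if ((*NameSize < sizeof (CHAR16)) || (*NameSize > Remaining)) {
    return FALSE;
  }
  if (*DataSize > Remaining - *NameSize) {
    return FALSE;
  }

  //
  // The variable services treat Name as a NUL-terminated string.
  //
  if (Header->Name[*NameSize / sizeof (CHAR16) - 1] != L'\0') {
    return FALSE;
  }

  return TRUE;
}

/**
  Communication service SMI Handler entry.

  This SMI handler provides services for the variable wrapper driver. The
  communication buffer is conveyed from a non-SMM environment, so the function
  code and every size field in it are treated as untrusted: each request is
  checked against *CommBufferSize before any pointer derived from it is passed
  to a variable service. A request that fails these checks is answered with
  EFI_INVALID_PARAMETER in the header's ReturnStatus.

  NOTE(review): this function does not check where CommBuffer itself points
  (for example that it lies outside SMRAM), and the name and data are still
  consumed in place from the communication buffer. Confirm whether the SMM
  core in use already guarantees both, or add that validation here.

  NOTE(review): SMM_VARIABLE_FUNCTION_READY_TO_BOOT and
  SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE change driver state purely on the
  function code in the buffer; nothing in this function restricts when or by
  whom they may be sent. Confirm that is acceptable for the platform.

  @param[in]     DispatchHandle   The unique handle assigned to this handler by SmiHandlerRegister().
  @param[in]     RegisterContext  Points to an optional handler context which was specified when the
                                  handler was registered.
  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will
                                  be conveyed from a non-SMM environment into an SMM environment.
  @param[in, out] CommBufferSize  The size of the CommBuffer.

  @retval EFI_SUCCESS            The request was dispatched; its result is in the
                                 ReturnStatus field of the communication header.
  @retval EFI_INVALID_PARAMETER  CommBuffer or CommBufferSize is NULL, or the buffer
                                 is too small to hold the communication header.
**/
EFI_STATUS
EFIAPI
SmmVariableHandler (
  IN     EFI_HANDLE  DispatchHandle,
  IN     CONST VOID  *RegisterContext,
  IN OUT VOID        *CommBuffer,
  IN OUT UINTN       *CommBufferSize
  )
{
  EFI_STATUS                                       Status;
  SMM_VARIABLE_COMMUNICATE_HEADER                  *SmmVariableFunctionHeader;
  SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE         *SmmVariableHeader;
  SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME  *GetNextVariableName;
  SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO     *QueryVariableInfo;
  VARIABLE_INFO_ENTRY                              *VariableInfo;
  UINTN                                            InfoSize;
  UINTN                                            PayloadSize;
  UINTN                                            NameSize;
  UINTN                                            DataSize;

  if ((CommBuffer == NULL) || (CommBufferSize == NULL)) {
    return EFI_INVALID_PARAMETER;
  }

  //
  // The header must fit before Function is read or ReturnStatus is written.
  // This also keeps the payload-size subtraction below from wrapping.
  //
  if (*CommBufferSize < OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data)) {
    return EFI_INVALID_PARAMETER;
  }
  PayloadSize = *CommBufferSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data);

  SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;
  switch (SmmVariableFunctionHeader->Function) {
    case SMM_VARIABLE_FUNCTION_GET_VARIABLE:
      SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) SmmVariableFunctionHeader->Data;
      if (!IsAccessVariableRequestValid (SmmVariableHeader, PayloadSize, &NameSize, &DataSize)) {
        Status = EFI_INVALID_PARAMETER;
        break;
      }
      //
      // DataSize is the capacity of the data area on input; the service is
      // given the validated local copy and the result is written back after.
      //
      Status = VariableServiceGetVariable (
                 SmmVariableHeader->Name,
                 &SmmVariableHeader->Guid,
                 &SmmVariableHeader->Attributes,
                 &DataSize,
                 (UINT8 *)SmmVariableHeader->Name + NameSize
                 );
      SmmVariableHeader->DataSize = DataSize;
      break;

    case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME:
      GetNextVariableName = (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *) SmmVariableFunctionHeader->Data;
      if (PayloadSize < OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
        Status = EFI_INVALID_PARAMETER;
        break;
      }
      //
      // NameSize is the capacity of the name buffer; it must not extend past
      // the end of the payload.
      // NOTE(review): the incoming name is not checked for a terminator
      // inside that capacity -- confirm the service bounds its own reads.
      //
      NameSize = GetNextVariableName->NameSize;
      if (NameSize > PayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
        Status = EFI_INVALID_PARAMETER;
        break;
      }
      Status = VariableServiceGetNextVariableName (
                 &NameSize,
                 GetNextVariableName->Name,
                 &GetNextVariableName->Guid
                 );
      GetNextVariableName->NameSize = NameSize;
      break;

    case SMM_VARIABLE_FUNCTION_SET_VARIABLE:
      SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) SmmVariableFunctionHeader->Data;
      if (!IsAccessVariableRequestValid (SmmVariableHeader, PayloadSize, &NameSize, &DataSize)) {
        Status = EFI_INVALID_PARAMETER;
        break;
      }
      Status = VariableServiceSetVariable (
                 SmmVariableHeader->Name,
                 &SmmVariableHeader->Guid,
                 SmmVariableHeader->Attributes,
                 DataSize,
                 (UINT8 *)SmmVariableHeader->Name + NameSize
                 );
      break;

    case SMM_VARIABLE_FUNCTION_QUERY_VARIABLE_INFO:
      QueryVariableInfo = (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *) SmmVariableFunctionHeader->Data;
      if (PayloadSize < sizeof (SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO)) {
        Status = EFI_INVALID_PARAMETER;
        break;
      }
      Status = VariableServiceQueryVariableInfo (
                 QueryVariableInfo->Attributes,
                 &QueryVariableInfo->MaximumVariableStorageSize,
                 &QueryVariableInfo->RemainingVariableStorageSize,
                 &QueryVariableInfo->MaximumVariableSize
                 );
      break;

    case SMM_VARIABLE_FUNCTION_READY_TO_BOOT:
      ReclaimForOS ();
      Status = EFI_SUCCESS;
      break;

    case SMM_VARIABLE_FUNCTION_EXIT_BOOT_SERVICE:
      mAtRuntime = TRUE;
      Status     = EFI_SUCCESS;
      break;

    case SMM_VARIABLE_FUNCTION_GET_STATISTICS:
      VariableInfo = (VARIABLE_INFO_ENTRY *) SmmVariableFunctionHeader->Data;
      InfoSize     = PayloadSize;
      Status       = SmmVariableGetStatistics (VariableInfo, &InfoSize);
      *CommBufferSize = InfoSize + OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data);
      break;

    default:
      //
      // The function code comes from the communication buffer, so an unknown
      // value is a caller error rather than an internal invariant violation:
      // report it instead of asserting.
      //
      Status = EFI_UNSUPPORTED;
      break;
  }

  SmmVariableFunctionHeader->ReturnStatus = Status;

  return EFI_SUCCESS;
}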
448
449
/**
  SMM Fault Tolerant Write protocol notification event handler.

  A non-volatile variable write may need the FTW protocol for reclaim, so the
  write path is initialized only once that protocol and the FVB protocol
  covering the variable store are both available. If an FVB instance has
  already been recorded in mVariableModuleGlobal, the function returns at once.

  NOTE(review): the results of VariableWriteServiceInitialize() and of the
  final InstallProtocolInterface() call are only checked with
  ASSERT_EFI_ERROR(); the function returns EFI_SUCCESS afterwards either way.
  Confirm that is intended for builds where assertions are disabled.

  @param  Protocol   Points to the protocol's unique identifier. Not used here.
  @param  Interface  Points to the interface instance. Not used here.
  @param  Handle     The handle on which the interface was installed. Not used here.

  @retval EFI_SUCCESS    The write service was already set up, or was set up by this call.
  @retval EFI_NOT_FOUND  The FVB protocol for the variable store was not found.
  @retval Others         The status returned by GetFtwProtocol() when it fails.
**/
EFI_STATUS
EFIAPI
SmmFtwNotificationEvent (
  IN CONST EFI_GUID    *Protocol,
  IN       VOID        *Interface,
  IN       EFI_HANDLE  Handle
  )
{
  EFI_SMM_FAULT_TOLERANT_WRITE_PROTOCOL   *Ftw;
  EFI_SMM_FIRMWARE_VOLUME_BLOCK_PROTOCOL  *Fvb;
  EFI_PHYSICAL_ADDRESS                    VariableStoreBase;
  EFI_STATUS                              Status;

  //
  // Already initialized by an earlier invocation.
  //
  if (mVariableModuleGlobal->FvbInstance != NULL) {
    return EFI_SUCCESS;
  }

  //
  // The SMM FTW protocol must be present before going any further.
  //
  Status = GetFtwProtocol ((VOID **)&Ftw);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Prefer the 64-bit base PCD; fall back to the 32-bit one when it is zero.
  //
  VariableStoreBase = (EFI_PHYSICAL_ADDRESS) PcdGet64 (PcdFlashNvStorageVariableBase64);
  if (VariableStoreBase == 0) {
    VariableStoreBase = (EFI_PHYSICAL_ADDRESS) PcdGet32 (PcdFlashNvStorageVariableBase);
  }

  //
  // Locate the FVB instance that covers the variable store.
  //
  Status = GetFvbInfoByAddress (VariableStoreBase, NULL, &Fvb);
  if (EFI_ERROR (Status)) {
    return EFI_NOT_FOUND;
  }

  mVariableModuleGlobal->FvbInstance = Fvb;

  Status = VariableWriteServiceInitialize ();
  ASSERT_EFI_ERROR (Status);

  //
  // Tell the variable wrapper driver that the write service is ready.
  //
  Status = gBS->InstallProtocolInterface (
                  &mSmmVariableHandle,
                  &gSmmVariableWriteGuid,
                  EFI_NATIVE_INTERFACE,
                  NULL
                  );
  ASSERT_EFI_ERROR (Status);

  return EFI_SUCCESS;
}
519
520
/**
  Variable driver main entry point for the SMM build.

  In order, this function: runs the common variable initialization, installs
  gSmmVariable as the SMM variable protocol on a new SMM handle, registers
  SmmVariableHandler() as the SMI handler for gEfiSmmVariableProtocolGuid,
  installs the same protocol GUID through boot services so the wrapper driver
  can see that the service is ready, registers SmmFtwNotificationEvent() for
  the SMM FTW protocol, and finally calls SmmFtwNotificationEvent() once
  directly.

  Each step's status is checked with ASSERT_EFI_ERROR() only; the function
  always returns EFI_SUCCESS.

  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
  @param[in] SystemTable  A pointer to the EFI System Table.

  @retval EFI_SUCCESS  Always returned once the sequence above has run.
**/
EFI_STATUS
EFIAPI
VariableServiceInitialize (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;
  EFI_HANDLE  SmmProtocolHandle;
  EFI_HANDLE  SmiDispatchHandle;
  VOID        *FtwNotifyRegistration;

  //
  // Common variable-store initialization.
  //
  Status = VariableCommonInitialize ();
  ASSERT_EFI_ERROR (Status);

  //
  // Publish the SMM variable protocol on a fresh handle.
  //
  SmmProtocolHandle = NULL;
  Status = gSmst->SmmInstallProtocolInterface (
                    &SmmProtocolHandle,
                    &gEfiSmmVariableProtocolGuid,
                    EFI_NATIVE_INTERFACE,
                    &gSmmVariable
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // Register the SMI handler that services requests arriving in the
  // communication buffer.
  //
  SmiDispatchHandle = NULL;
  Status = gSmst->SmiHandlerRegister (
                    SmmVariableHandler,
                    &gEfiSmmVariableProtocolGuid,
                    &SmiDispatchHandle
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // Signal the variable wrapper driver that the variable service is ready.
  //
  Status = SystemTable->BootServices->InstallProtocolInterface (
                                        &mVariableHandle,
                                        &gEfiSmmVariableProtocolGuid,
                                        EFI_NATIVE_INTERFACE,
                                        &gSmmVariable
                                        );
  ASSERT_EFI_ERROR (Status);

  //
  // Ask to be notified when the SMM FTW protocol is installed.
  //
  Status = gSmst->SmmRegisterProtocolNotify (
                    &gEfiSmmFaultTolerantWriteProtocolGuid,
                    SmmFtwNotificationEvent,
                    &FtwNotifyRegistration
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // Run the notification once by hand in case the protocol is already there.
  //
  SmmFtwNotificationEvent (NULL, NULL, NULL);

  return EFI_SUCCESS;
}
594
595