\r
Depex - Dependency Expresion.\r
\r
- Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2014, Hewlett-Packard Development Company, L.P.\r
+ Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials are licensed and made available \r
under the terms and conditions of the BSD License which accompanies this \r
distribution. The full text of the license may be found at \r
// DXE Architecture Protocols\r
//\r
EFI_SECURITY_ARCH_PROTOCOL *mSecurity = NULL;\r
+EFI_SECURITY2_ARCH_PROTOCOL *mSecurity2 = NULL;\r
\r
//\r
// The global variable is defined for Loading modules at fixed address feature to track the SMM code\r
EFI_DEVICE_PATH_PROTOCOL *HandleFilePath;\r
EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv;\r
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
+ UINT64 Tick;\r
+\r
+ Tick = 0;\r
+ PERF_CODE (\r
+ Tick = GetPerformanceCounter ();\r
+ );\r
\r
Buffer = NULL;\r
Size = 0;\r
}\r
\r
//\r
- // If the Security Architectural Protocol has not been located yet, then attempt to locate it\r
+ // If the Security2 and Security Architectural Protocol has not been located yet, then attempt to locate it\r
//\r
+ if (mSecurity2 == NULL) {\r
+ gBS->LocateProtocol (&gEfiSecurity2ArchProtocolGuid, NULL, (VOID**)&mSecurity2);\r
+ }\r
if (mSecurity == NULL) {\r
gBS->LocateProtocol (&gEfiSecurityArchProtocolGuid, NULL, (VOID**)&mSecurity);\r
}\r
-\r
//\r
- // Verify the Authentication Status through the Security Architectural Protocol\r
+ // When Security2 is installed, Security Architectural Protocol must be published.\r
//\r
- if ((mSecurity != NULL) && (OriginalFilePath != NULL)) {\r
- SecurityStatus = mSecurity->FileAuthenticationState (\r
- mSecurity,\r
- AuthenticationStatus,\r
- OriginalFilePath\r
- );\r
- if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {\r
- Status = SecurityStatus;\r
- return Status;\r
- }\r
- }\r
- \r
+ ASSERT (mSecurity2 == NULL || mSecurity != NULL);\r
+\r
//\r
// Pull out just the file portion of the DevicePath for the LoadedImage FilePath\r
//\r
\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
return Status;\r
}\r
\r
+ //\r
+ // Verify File Authentication through the Security2 Architectural Protocol\r
+ //\r
+ if (mSecurity2 != NULL) {\r
+ SecurityStatus = mSecurity2->FileAuthentication (\r
+ mSecurity2,\r
+ OriginalFilePath,\r
+ Buffer,\r
+ Size,\r
+ FALSE\r
+ );\r
+ }\r
+\r
+ //\r
+ // Verify the Authentication Status through the Security Architectural Protocol\r
+ // Only on images that have been read using Firmware Volume protocol.\r
+ // All SMM images are from FV protocol. \r
+ //\r
+ if (!EFI_ERROR (SecurityStatus) && (mSecurity != NULL)) {\r
+ SecurityStatus = mSecurity->FileAuthenticationState (\r
+ mSecurity,\r
+ AuthenticationStatus,\r
+ OriginalFilePath\r
+ );\r
+ }\r
+\r
+ if (EFI_ERROR (SecurityStatus) && SecurityStatus != EFI_SECURITY_VIOLATION) {\r
+ Status = SecurityStatus;\r
+ return Status;\r
+ }\r
+ \r
//\r
// Initialize ImageContext\r
//\r
Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
return Status;\r
}\r
//\r
// allocate the memory to load the SMM driver\r
//\r
- PageCount = (UINTN)EFI_SIZE_TO_PAGES(ImageContext.ImageSize + ImageContext.SectionAlignment);\r
+ PageCount = (UINTN)EFI_SIZE_TO_PAGES((UINTN)ImageContext.ImageSize + ImageContext.SectionAlignment);\r
DstBuffer = (UINTN)(-1);\r
\r
Status = SmmAllocatePages (\r
);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
} \r
return Status;\r
} \r
ImageContext.ImageAddress = (EFI_PHYSICAL_ADDRESS)DstBuffer;\r
}\r
} else {\r
- PageCount = (UINTN)EFI_SIZE_TO_PAGES(ImageContext.ImageSize + ImageContext.SectionAlignment);\r
+ PageCount = (UINTN)EFI_SIZE_TO_PAGES((UINTN)ImageContext.ImageSize + ImageContext.SectionAlignment);\r
DstBuffer = (UINTN)(-1);\r
\r
Status = SmmAllocatePages (\r
);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
return Status;\r
}\r
// Align buffer on section boundry\r
//\r
ImageContext.ImageAddress += ImageContext.SectionAlignment - 1;\r
- ImageContext.ImageAddress &= ~(ImageContext.SectionAlignment - 1);\r
+ ImageContext.ImageAddress &= ~((EFI_PHYSICAL_ADDRESS)(ImageContext.SectionAlignment - 1));\r
\r
//\r
// Load the image to our new buffer\r
Status = PeCoffLoaderLoadImage (&ImageContext);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
SmmFreePages (DstBuffer, PageCount);\r
return Status;\r
Status = PeCoffLoaderRelocateImage (&ImageContext);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
SmmFreePages (DstBuffer, PageCount);\r
return Status;\r
Status = gBS->AllocatePool (EfiBootServicesData, sizeof (EFI_LOADED_IMAGE_PROTOCOL), (VOID **)&DriverEntry->LoadedImage);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
SmmFreePages (DstBuffer, PageCount);\r
return Status;\r
}\r
\r
+ ZeroMem (DriverEntry->LoadedImage, sizeof (EFI_LOADED_IMAGE_PROTOCOL));\r
//\r
// Fill in the remaining fields of the Loaded Image Protocol instance.\r
// Note: ImageBase is an SMRAM address that can not be accessed outside of SMRAM if SMRAM window is closed.\r
Status = gBS->AllocatePool (EfiBootServicesData, GetDevicePathSize (FilePath), (VOID **)&DriverEntry->LoadedImage->FilePath);\r
if (EFI_ERROR (Status)) {\r
if (Buffer != NULL) {\r
- Status = gBS->FreePool (Buffer);\r
+ gBS->FreePool (Buffer);\r
}\r
SmmFreePages (DstBuffer, PageCount);\r
return Status;\r
NULL\r
);\r
\r
+ PERF_START (DriverEntry->ImageHandle, "LoadImage:", NULL, Tick);\r
+ PERF_END (DriverEntry->ImageHandle, "LoadImage:", NULL, 0);\r
+\r
//\r
// Print the load address and the PDB file name if it is available\r
//\r
\r
\r
DEBUG ((DEBUG_INFO | DEBUG_LOAD,\r
- "Loading driver at 0x%11p EntryPoint=0x%11p ",\r
+ "Loading SMM driver at 0x%11p EntryPoint=0x%11p ",\r
(VOID *)(UINTN) ImageContext.ImageAddress,\r
FUNCTION_ENTRY_POINT (ImageContext.EntryPoint)));\r
\r
// used the UEFI Boot Services AllocatePool() function\r
//\r
Status = gBS->FreePool(Buffer);\r
+ if (!EFI_ERROR (Status) && EFI_ERROR (SecurityStatus)) {\r
+ Status = SecurityStatus;\r
+ }\r
return Status; \r
}\r
\r
drivers to run. Drain the mScheduledQueue and load and start a PE\r
image for each driver. Search the mDiscoveredList to see if any driver can\r
be placed on the mScheduledQueue. If no drivers are placed on the\r
- mScheduledQueue exit the function. On exit it is assumed the Bds()\r
- will be called, and when the Bds() exits the Dispatcher will be called\r
- again.\r
-\r
+ mScheduledQueue exit the function. \r
+\r
+ @retval EFI_SUCCESS All of the SMM Drivers that could be dispatched\r
+ have been run and the SMM Entry Point has been\r
+ registered.\r
+ @retval EFI_NOT_READY The SMM Driver that registered the SMM Entry Point\r
+ was just dispatched.\r
+ @retval EFI_NOT_FOUND There are no SMM Drivers available to be dispatched.\r
@retval EFI_ALREADY_STARTED The SMM Dispatcher is already running\r
- @retval EFI_NOT_FOUND No SMM Drivers were dispatched\r
- @retval EFI_SUCCESS One or more SMM Drivers were dispatched\r
\r
**/\r
EFI_STATUS\r
)\r
{\r
EFI_STATUS Status;\r
- EFI_STATUS ReturnStatus;\r
LIST_ENTRY *Link;\r
EFI_SMM_DRIVER_ENTRY *DriverEntry;\r
BOOLEAN ReadyToRun;\r
+ BOOLEAN PreviousSmmEntryPointRegistered;\r
\r
if (!gRequestDispatch) {\r
return EFI_NOT_FOUND;\r
\r
gDispatcherRunning = TRUE;\r
\r
- ReturnStatus = EFI_NOT_FOUND;\r
do {\r
//\r
// Drain the Scheduled Queue\r
sizeof (DriverEntry->ImageHandle)\r
);\r
\r
+ //\r
+ // Cache state of SmmEntryPointRegistered before calling entry point\r
+ //\r
+ PreviousSmmEntryPointRegistered = gSmmCorePrivate->SmmEntryPointRegistered;\r
+\r
//\r
// For each SMM driver, pass NULL as ImageHandle\r
//\r
+ RegisterSmramProfileImage (DriverEntry, TRUE);\r
+ PERF_START (DriverEntry->ImageHandle, "StartImage:", NULL, 0);\r
Status = ((EFI_IMAGE_ENTRY_POINT)(UINTN)DriverEntry->ImageEntryPoint)(DriverEntry->ImageHandle, gST);\r
+ PERF_END (DriverEntry->ImageHandle, "StartImage:", NULL, 0);\r
if (EFI_ERROR(Status)){\r
+ UnregisterSmramProfileImage (DriverEntry, TRUE);\r
SmmFreePages(DriverEntry->ImageBuffer, DriverEntry->NumberOfPage);\r
+ //\r
+ // Uninstall LoadedImage\r
+ //\r
+ Status = gBS->UninstallProtocolInterface (\r
+ DriverEntry->ImageHandle,\r
+ &gEfiLoadedImageProtocolGuid,\r
+ DriverEntry->LoadedImage\r
+ );\r
+ if (!EFI_ERROR (Status)) {\r
+ if (DriverEntry->LoadedImage->FilePath != NULL) {\r
+ gBS->FreePool (DriverEntry->LoadedImage->FilePath);\r
+ }\r
+ gBS->FreePool (DriverEntry->LoadedImage);\r
+ }\r
}\r
\r
REPORT_STATUS_CODE_WITH_EXTENDED_DATA (\r
sizeof (DriverEntry->ImageHandle)\r
);\r
\r
- ReturnStatus = EFI_SUCCESS;\r
+ if (!PreviousSmmEntryPointRegistered && gSmmCorePrivate->SmmEntryPointRegistered) {\r
+ //\r
+ // Return immediately if the SMM Entry Point was registered by the SMM \r
+ // Driver that was just dispatched. The SMM IPL will reinvoke the SMM\r
+ // Core Dispatcher. This is required so SMM Mode may be enabled as soon \r
+ // as all the dependent SMM Drivers for SMM Mode have been dispatched. \r
+ // Once the SMM Entry Point has been registered, then SMM Mode will be \r
+ // used.\r
+ //\r
+ gRequestDispatch = TRUE;\r
+ gDispatcherRunning = FALSE;\r
+ return EFI_NOT_READY;\r
+ }\r
}\r
\r
//\r
\r
gDispatcherRunning = FALSE;\r
\r
- return ReturnStatus;\r
+ return EFI_SUCCESS;\r
}\r
\r
/**\r
UINTN HandleCount;\r
EFI_HANDLE *HandleBuffer;\r
EFI_STATUS GetNextFileStatus;\r
- EFI_STATUS SecurityStatus;\r
EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv;\r
EFI_DEVICE_PATH_PROTOCOL *FvDevicePath;\r
EFI_HANDLE FvHandle;\r
EFI_SMM_DRIVER_ENTRY *DriverEntry;\r
EFI_GUID *AprioriFile;\r
UINTN AprioriEntryCount;\r
- UINTN Index;\r
+ UINTN HandleIndex;\r
+ UINTN SmmTypeIndex;\r
+ UINTN AprioriIndex;\r
LIST_ENTRY *Link;\r
UINT32 AuthenticationStatus;\r
UINTN SizeOfBuffer;\r
return EFI_NOT_FOUND;\r
}\r
\r
- for (Index = 0; Index < HandleCount; Index++) {\r
- FvHandle = HandleBuffer[Index];\r
+ for (HandleIndex = 0; HandleIndex < HandleCount; HandleIndex++) {\r
+ FvHandle = HandleBuffer[HandleIndex];\r
\r
if (FvHasBeenProcessed (FvHandle)) {\r
//\r
continue;\r
}\r
\r
- //\r
- // If the Security Architectural Protocol has not been located yet, then attempt to locate it\r
- //\r
- if (mSecurity == NULL) {\r
- gBS->LocateProtocol (&gEfiSecurityArchProtocolGuid, NULL, (VOID**)&mSecurity);\r
- }\r
-\r
- //\r
- // Evaluate the authentication status of the Firmware Volume through\r
- // Security Architectural Protocol\r
- //\r
- if (mSecurity != NULL) {\r
- SecurityStatus = mSecurity->FileAuthenticationState (\r
- mSecurity,\r
- 0,\r
- FvDevicePath\r
- );\r
- if (SecurityStatus != EFI_SUCCESS) {\r
- //\r
- // Security check failed. The firmware volume should not be used for any purpose.\r
- //\r
- continue;\r
- }\r
- }\r
-\r
//\r
// Discover Drivers in FV and add them to the Discovered Driver List.\r
// Process EFI_FV_FILETYPE_SMM type and then EFI_FV_FILETYPE_COMBINED_SMM_DXE\r
//\r
- for (Index = 0; Index < sizeof (mSmmFileTypes)/sizeof (EFI_FV_FILETYPE); Index++) {\r
+ for (SmmTypeIndex = 0; SmmTypeIndex < sizeof (mSmmFileTypes)/sizeof (EFI_FV_FILETYPE); SmmTypeIndex++) {\r
//\r
// Initialize the search key\r
//\r
Key = 0;\r
do {\r
- Type = mSmmFileTypes[Index];\r
+ Type = mSmmFileTypes[SmmTypeIndex];\r
GetNextFileStatus = Fv->GetNextFile (\r
Fv,\r
&Key,\r
// is only valid for the FV that it resided in.\r
//\r
\r
- for (Index = 0; Index < AprioriEntryCount; Index++) {\r
+ for (AprioriIndex = 0; AprioriIndex < AprioriEntryCount; AprioriIndex++) {\r
for (Link = mDiscoveredList.ForwardLink; Link != &mDiscoveredList; Link = Link->ForwardLink) {\r
DriverEntry = CR(Link, EFI_SMM_DRIVER_ENTRY, Link, EFI_SMM_DRIVER_ENTRY_SIGNATURE);\r
- if (CompareGuid (&DriverEntry->FileName, &AprioriFile[Index]) &&\r
+ if (CompareGuid (&DriverEntry->FileName, &AprioriFile[AprioriIndex]) &&\r
(FvHandle == DriverEntry->FvHandle)) {\r
DriverEntry->Dependent = FALSE;\r
DriverEntry->Scheduled = TRUE;\r
// Execute the SMM Dispatcher on any newly discovered FVs and previously \r
// discovered SMM drivers that have been discovered but not dispatched.\r
//\r
- return SmmDispatcher ();\r
+ Status = SmmDispatcher ();\r
+\r
+ //\r
+ // Check to see if CommBuffer and CommBufferSize are valid\r
+ //\r
+ if (CommBuffer != NULL && CommBufferSize != NULL) {\r
+ if (*CommBufferSize > 0) {\r
+ if (Status == EFI_NOT_READY) {\r
+ //\r
+ // If a the SMM Core Entry Point was just registered, then set flag to \r
+ // request the SMM Dispatcher to be restarted.\r
+ //\r
+ *(UINT8 *)CommBuffer = COMM_BUFFER_SMM_DISPATCH_RESTART;\r
+ } else if (!EFI_ERROR (Status)) {\r
+ //\r
+ // Set the flag to show that the SMM Dispatcher executed without errors\r
+ //\r
+ *(UINT8 *)CommBuffer = COMM_BUFFER_SMM_DISPATCH_SUCCESS;\r
+ } else {\r
+ //\r
+ // Set the flag to show that the SMM Dispatcher encountered an error\r
+ //\r
+ *(UINT8 *)CommBuffer = COMM_BUFFER_SMM_DISPATCH_ERROR;\r
+ }\r
+ }\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
}\r
\r
/**\r
projects / mirror_edk2.git / blobdiff