MdeModulePkg/SecurityStubDxe: Report failure if image is load earlier

[mirror_edk2.git] / MdeModulePkg / Universal / SecurityStubDxe / Defer3rdPartyImageLoad.c

diff --git a/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c b/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c
index ca45d567bd1cc2f44d28b416d3b4042a61ba353f..7135a9d87cc0d26f9a722d3b6828669b5c81c974 100644 (file)
--- a/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c
+++ b/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c
@@ -30,6 +30,7 @@ typedef struct {
   DEFERRED_3RD_PARTY_IMAGE_INFO     *ImageInfo;    ///< deferred 3rd party image item\r
 } DEFERRED_3RD_PARTY_IMAGE_TABLE;\r
 \r
+BOOLEAN                          mImageLoadedAfterEndOfDxe   = FALSE;\r
 BOOLEAN                          mEndOfDxe                   = FALSE;\r
 DEFERRED_3RD_PARTY_IMAGE_TABLE   mDeferred3rdPartyImage = {\r
   0,       // Deferred image count\r
@@ -256,6 +257,53 @@ EndOfDxe (
   mEndOfDxe = TRUE;\r
 }\r
 \r
+/**\r
+  Event notification for gEfiDxeSmmReadyToLockProtocolGuid event.\r
+\r
+  This function reports failure if any deferred image is loaded before\r
+  this callback.\r
+  Platform should publish ReadyToLock protocol immediately after signaling\r
+  of the End of DXE Event.\r
+\r
+  @param  Event                 The Event that is being processed, not used.\r
+  @param  Context               Event Context, not used.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+DxeSmmReadyToLock (\r
+  IN EFI_EVENT  Event,\r
+  IN VOID       *Context\r
+  )\r
+{\r
+  EFI_STATUS                Status;\r
+  VOID                      *Interface;\r
+\r
+  Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface);\r
+  if (EFI_ERROR (Status)) {\r
+    return;\r
+  }\r
+\r
+  gBS->CloseEvent (Event);\r
+\r
+  if (mImageLoadedAfterEndOfDxe) {\r
+    //\r
+    // Platform should not dispatch the 3rd party images after signaling EndOfDxe event\r
+    // but before publishing DxeSmmReadyToLock protocol.\r
+    //\r
+    DEBUG ((\r
+      DEBUG_ERROR,\r
+      "[Security] 3rd party images must be dispatched after DxeSmmReadyToLock Protocol installation!\n"\r
+      ));\r
+    REPORT_STATUS_CODE (\r
+      EFI_ERROR_CODE | EFI_ERROR_UNRECOVERED,\r
+      (EFI_SOFTWARE_DXE_BS_DRIVER | EFI_SW_EC_ILLEGAL_SOFTWARE_STATE)\r
+      );\r
+    ASSERT (FALSE);\r
+    CpuDeadLoop ();\r
+  }\r
+}\r
+\r
 /**\r
   Defer the 3rd party image load and installs Deferred Image Load Protocol.\r
 \r
@@ -303,6 +351,7 @@ Defer3rdPartyImageLoad (
     );\r
 \r
   if (mEndOfDxe) {\r
+    mImageLoadedAfterEndOfDxe = TRUE;\r
     //\r
     // The image might be first time loaded after EndOfDxe,\r
     // So ImageInfo can be NULL.\r
@@ -334,6 +383,7 @@ Defer3rdPartyImageLoadInitialize (
   EFI_STATUS                           Status;\r
   EFI_HANDLE                           Handle;\r
   EFI_EVENT                            Event;\r
+  VOID                                 *Registration;\r
 \r
   Handle = NULL;\r
   Status = gBS->InstallMultipleProtocolInterfaces (\r
@@ -353,4 +403,12 @@ Defer3rdPartyImageLoadInitialize (
                   &Event\r
                   );\r
   ASSERT_EFI_ERROR (Status);\r
+\r
+  EfiCreateProtocolNotifyEvent (\r
+    &gEfiDxeSmmReadyToLockProtocolGuid,\r
+    TPL_CALLBACK,\r
+    DxeSmmReadyToLock,\r
+    NULL,\r
+    &Registration\r
+    );\r
 }\r