SecurityPkg Variable: Before EndOfDxe, just record the current boot VarErrorFlag...

[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / Variable.c

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index ac043d9a17e94d4c170fec5e453cf57d2bb7a5c9..83d69899f705e936e6b4c27a1230bbf83c529adf 100644 (file)
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -16,7 +16,7 @@
   VariableServiceSetVariable() should also check authenticate data to avoid buffer overflow,\r
   integer overflow. It should also check attribute to avoid authentication bypass.\r
 \r
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -59,52 +59,9 @@ BOOLEAN                mEndOfDxe              = FALSE;
 BOOLEAN                mEnableLocking         = TRUE;\r
 \r
 //\r
-// To prevent name collisions with possible future globally defined variables,\r
-// other internal firmware data variables that are not defined here must be\r
-// saved with a unique VendorGuid other than EFI_GLOBAL_VARIABLE or\r
-// any other GUID defined by the UEFI Specification. Implementations must\r
-// only permit the creation of variables with a UEFI Specification-defined\r
-// VendorGuid when these variables are documented in the UEFI Specification.\r
+// It will record the current boot error flag before EndOfDxe.\r
 //\r
-GLOBAL_VARIABLE_ENTRY mGlobalVariableList[] = {\r
-  {EFI_LANG_CODES_VARIABLE_NAME,             VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_LANG_VARIABLE_NAME,                   VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_TIME_OUT_VARIABLE_NAME,               VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_PLATFORM_LANG_CODES_VARIABLE_NAME,    VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_PLATFORM_LANG_VARIABLE_NAME,          VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_CON_IN_VARIABLE_NAME,                 VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_CON_OUT_VARIABLE_NAME,                VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_ERR_OUT_VARIABLE_NAME,                VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_CON_IN_DEV_VARIABLE_NAME,             VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_CON_OUT_DEV_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_ERR_OUT_DEV_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_BOOT_ORDER_VARIABLE_NAME,             VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_BOOT_NEXT_VARIABLE_NAME,              VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_BOOT_CURRENT_VARIABLE_NAME,           VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_BOOT_OPTION_SUPPORT_VARIABLE_NAME,    VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_DRIVER_ORDER_VARIABLE_NAME,           VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_HW_ERR_REC_SUPPORT_VARIABLE_NAME,     VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_SETUP_MODE_NAME,                      VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_KEY_EXCHANGE_KEY_NAME,                VARIABLE_ATTRIBUTE_NV_BS_RT_AT},\r
-  {EFI_PLATFORM_KEY_NAME,                    VARIABLE_ATTRIBUTE_NV_BS_RT_AT},\r
-  {EFI_SIGNATURE_SUPPORT_NAME,               VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_SECURE_BOOT_MODE_NAME,                VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_KEK_DEFAULT_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_PK_DEFAULT_VARIABLE_NAME,             VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_DB_DEFAULT_VARIABLE_NAME,             VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_DBX_DEFAULT_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_DBT_DEFAULT_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_OS_INDICATIONS_SUPPORT_VARIABLE_NAME, VARIABLE_ATTRIBUTE_BS_RT},\r
-  {EFI_OS_INDICATIONS_VARIABLE_NAME,         VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {EFI_VENDOR_KEYS_VARIABLE_NAME,            VARIABLE_ATTRIBUTE_BS_RT},\r
-};\r
-GLOBAL_VARIABLE_ENTRY mGlobalVariableList2[] = {\r
-  {L"Boot####",                              VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {L"Driver####",                            VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-  {L"Key####",                               VARIABLE_ATTRIBUTE_NV_BS_RT},\r
-};\r
-\r
-/**\r
+VAR_ERROR_FLAG         mCurrentBootVarErrFlag = VAR_ERROR_FLAG_NO_ERROR;\r
 \r
   SecureBoot Hook for auth variable update.\r
 \r
@@ -588,6 +545,229 @@ GetEndPointer (
   return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader + VarStoreHeader->Size);\r
 }\r
 \r
+/**\r
+  Record variable error flag.\r
+\r
+  @param[in] Flag               Variable error flag to record.\r
+  @param[in] VariableName       Name of variable.\r
+  @param[in] VendorGuid         Guid of variable.\r
+  @param[in] Attributes         Attributes of the variable.\r
+  @param[in] VariableSize       Size of the variable.\r
+\r
+**/\r
+VOID\r
+RecordVarErrorFlag (\r
+  IN VAR_ERROR_FLAG         Flag,\r
+  IN CHAR16                 *VariableName,\r
+  IN EFI_GUID               *VendorGuid,\r
+  IN UINT32                 Attributes,\r
+  IN UINTN                  VariableSize\r
+  )\r
+{\r
+  EFI_STATUS                Status;\r
+  VARIABLE_POINTER_TRACK    Variable;\r
+  VAR_ERROR_FLAG            *VarErrFlag;\r
+  VAR_ERROR_FLAG            TempFlag;\r
+\r
+  DEBUG_CODE (\r
+    DEBUG ((EFI_D_ERROR, "RecordVarErrorFlag (0x%02x) %s:%g - 0x%08x - 0x%x\n", Flag, VariableName, VendorGuid, Attributes, VariableSize));\r
+    if (Flag == VAR_ERROR_FLAG_SYSTEM_ERROR) {\r
+      if (AtRuntime ()) {\r
+        DEBUG ((EFI_D_ERROR, "CommonRuntimeVariableSpace = 0x%x - CommonVariableTotalSize = 0x%x\n", mVariableModuleGlobal->CommonRuntimeVariableSpace, mVariableModuleGlobal->CommonVariableTotalSize));\r
+      } else {\r
+        DEBUG ((EFI_D_ERROR, "CommonVariableSpace = 0x%x - CommonVariableTotalSize = 0x%x\n", mVariableModuleGlobal->CommonVariableSpace, mVariableModuleGlobal->CommonVariableTotalSize));\r
+      }\r
+    } else {\r
+      DEBUG ((EFI_D_ERROR, "CommonMaxUserVariableSpace = 0x%x - CommonUserVariableTotalSize = 0x%x\n", mVariableModuleGlobal->CommonMaxUserVariableSpace, mVariableModuleGlobal->CommonUserVariableTotalSize));\r
+    }\r
+  );\r
+\r
+  if (!mEndOfDxe) {\r
+    //\r
+    // Before EndOfDxe, just record the current boot variable error flag to local variable,\r
+    // and leave the variable error flag in NV flash as the last boot variable error flag.\r
+    // After EndOfDxe in InitializeVarErrorFlag (), the variable error flag in NV flash\r
+    // will be initialized to this local current boot variable error flag.\r
+    //\r
+    mCurrentBootVarErrFlag &= Flag;\r
+    return;\r
+  }\r
+\r
+  //\r
+  // Record error flag (it should have be initialized).\r
+  //\r
+  Status = FindVariable (\r
+             VAR_ERROR_FLAG_NAME,\r
+             &gEdkiiVarErrorFlagGuid,\r
+             &Variable,\r
+             &mVariableModuleGlobal->VariableGlobal,\r
+             FALSE\r
+             );\r
+  if (!EFI_ERROR (Status)) {\r
+    VarErrFlag = (VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr);\r
+    TempFlag = *VarErrFlag;\r
+    TempFlag &= Flag;\r
+    if (TempFlag == *VarErrFlag) {\r
+      return;\r
+    }\r
+    Status = UpdateVariableStore (\r
+               &mVariableModuleGlobal->VariableGlobal,\r
+               FALSE,\r
+               FALSE,\r
+               mVariableModuleGlobal->FvbInstance,\r
+               (UINTN) VarErrFlag - (UINTN) mNvVariableCache + (UINTN) mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,\r
+               sizeof (TempFlag),\r
+               &TempFlag\r
+               );\r
+    if (!EFI_ERROR (Status)) {\r
+      //\r
+      // Update the data in NV cache.\r
+      //\r
+      *VarErrFlag = Flag;\r
+    }\r
+  }\r
+}\r
+\r
+/**\r
+  Initialize variable error flag.\r
+\r
+  Before EndOfDxe, the variable indicates the last boot variable error flag,\r
+  then it means the last boot variable error flag must be got before EndOfDxe.\r
+  After EndOfDxe, the variable indicates the current boot variable error flag,\r
+  then it means the current boot variable error flag must be got after EndOfDxe.\r
+\r
+**/\r
+VOID\r
+InitializeVarErrorFlag (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS                Status;\r
+  VARIABLE_POINTER_TRACK    Variable;\r
+  VAR_ERROR_FLAG            Flag;\r
+  VAR_ERROR_FLAG            VarErrFlag;\r
+\r
+  if (!mEndOfDxe) {\r
+    return;\r
+  }\r
+\r
+  Flag = mCurrentBootVarErrFlag;\r
+  DEBUG ((EFI_D_INFO, "Initialize variable error flag (%02x)\n", Flag));\r
+\r
+  Status = FindVariable (\r
+             VAR_ERROR_FLAG_NAME,\r
+             &gEdkiiVarErrorFlagGuid,\r
+             &Variable,\r
+             &mVariableModuleGlobal->VariableGlobal,\r
+             FALSE\r
+             );\r
+  if (!EFI_ERROR (Status)) {\r
+    VarErrFlag = *((VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr));\r
+    if (VarErrFlag == Flag) {\r
+      return;\r
+    }\r
+  }\r
+\r
+  UpdateVariable (\r
+    VAR_ERROR_FLAG_NAME,\r
+    &gEdkiiVarErrorFlagGuid,\r
+    &Flag,\r
+    sizeof (Flag),\r
+    VARIABLE_ATTRIBUTE_NV_BS_RT,\r
+    0,\r
+    0,\r
+    &Variable,\r
+    NULL\r
+    );\r
+}\r
+\r
+/**\r
+  Is user variable?\r
+\r
+  @param[in] Variable   Pointer to variable header.\r
+\r
+  @retval TRUE          User variable.\r
+  @retval FALSE         System variable.\r
+\r
+**/\r
+BOOLEAN\r
+IsUserVariable (\r
+  IN VARIABLE_HEADER    *Variable\r
+  )\r
+{\r
+  VAR_CHECK_VARIABLE_PROPERTY   Property;\r
+\r
+  //\r
+  // Only after End Of Dxe, the variables belong to system variable are fixed.\r
+  // If PcdMaxUserNvStorageVariableSize is 0, it means user variable share the same NV storage with system variable,\r
+  // then no need to check if the variable is user variable or not specially.\r
+  //\r
+  if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {\r
+    if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), &Variable->VendorGuid, &Property) == EFI_NOT_FOUND) {\r
+      return TRUE;\r
+    }\r
+  }\r
+  return FALSE;\r
+}\r
+\r
+/**\r
+  Calculate common user variable total size.\r
+\r
+**/\r
+VOID\r
+CalculateCommonUserVariableTotalSize (\r
+  VOID\r
+  )\r
+{\r
+  VARIABLE_HEADER               *Variable;\r
+  VARIABLE_HEADER               *NextVariable;\r
+  UINTN                         VariableSize;\r
+  VAR_CHECK_VARIABLE_PROPERTY   Property;\r
+\r
+  //\r
+  // Only after End Of Dxe, the variables belong to system variable are fixed.\r
+  // If PcdMaxUserNvStorageVariableSize is 0, it means user variable share the same NV storage with system variable,\r
+  // then no need to calculate the common user variable total size specially.\r
+  //\r
+  if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {\r
+    Variable = GetStartPointer (mNvVariableCache);\r
+    while (IsValidVariableHeader (Variable, GetEndPointer (mNvVariableCache))) {\r
+      NextVariable = GetNextVariablePtr (Variable);\r
+      VariableSize = (UINTN) NextVariable - (UINTN) Variable;\r
+      if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
+        if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), &Variable->VendorGuid, &Property) == EFI_NOT_FOUND) {\r
+          //\r
+          // No property, it is user variable.\r
+          //\r
+          mVariableModuleGlobal->CommonUserVariableTotalSize += VariableSize;\r
+        }\r
+      }\r
+\r
+      Variable = NextVariable;\r
+    }\r
+  }\r
+}\r
+\r
+/**\r
+  Initialize variable quota.\r
+\r
+**/\r
+VOID\r
+InitializeVariableQuota (\r
+  VOID\r
+  )\r
+{\r
+  STATIC BOOLEAN    Initialized;\r
+\r
+  if (!mEndOfDxe || Initialized) {\r
+    return;\r
+  }\r
+  Initialized = TRUE;\r
+\r
+  InitializeVarErrorFlag ();\r
+  CalculateCommonUserVariableTotalSize ();\r
+}\r
+\r
 /**\r
 \r
   Check the PubKeyIndex is a valid key or not.\r
@@ -772,6 +952,7 @@ Reclaim (
   BOOLEAN               FoundAdded;\r
   EFI_STATUS            Status;\r
   UINTN                 CommonVariableTotalSize;\r
+  UINTN                 CommonUserVariableTotalSize;\r
   UINTN                 HwErrVariableTotalSize;\r
   UINT32                *NewPubKeyIndex;\r
   UINT8                 *NewPubKeyStore;\r
@@ -790,6 +971,7 @@ Reclaim (
   VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINTN) VariableBase);\r
 \r
   CommonVariableTotalSize = 0;\r
+  CommonUserVariableTotalSize = 0;\r
   HwErrVariableTotalSize  = 0;\r
   NewPubKeyIndex = NULL;\r
   NewPubKeyStore = NULL;\r
@@ -891,6 +1073,9 @@ Reclaim (
           HwErrVariableTotalSize += VariableSize;\r
         } else if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
           CommonVariableTotalSize += VariableSize;\r
+          if (IsUserVariable (Variable)) {\r
+            CommonUserVariableTotalSize += VariableSize;\r
+          }\r
         }\r
       }\r
       Variable = NextVariable;\r
@@ -911,6 +1096,9 @@ Reclaim (
     CopyMem (GetVariableDataPtr (Variable), NewPubKeyStore, NewPubKeySize);\r
     CurrPtr = (UINT8*) GetNextVariablePtr (Variable);\r
     CommonVariableTotalSize += (UINTN) CurrPtr - (UINTN) Variable;\r
+    if (IsUserVariable (Variable)) {\r
+      CommonUserVariableTotalSize += (UINTN) CurrPtr - (UINTN) Variable;\r
+    }\r
   } else {\r
     //\r
     // Reinstall all ADDED variables as long as they are not identical to Updating Variable.\r
@@ -926,6 +1114,9 @@ Reclaim (
           HwErrVariableTotalSize += VariableSize;\r
         } else if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
           CommonVariableTotalSize += VariableSize;\r
+          if (IsUserVariable (Variable)) {\r
+            CommonUserVariableTotalSize += VariableSize;\r
+          }\r
         }\r
       }\r
       Variable = NextVariable;\r
@@ -974,6 +1165,9 @@ Reclaim (
             HwErrVariableTotalSize += VariableSize;\r
           } else if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
             CommonVariableTotalSize += VariableSize;\r
+            if (IsUserVariable (Variable)) {\r
+              CommonUserVariableTotalSize += VariableSize;\r
+            }\r
           }\r
         }\r
       }\r
@@ -997,9 +1191,13 @@ Reclaim (
           HwErrVariableTotalSize += NewVariableSize;\r
         } else if ((NewVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
           CommonVariableTotalSize += NewVariableSize;\r
+          if (IsUserVariable (NewVariable)) {\r
+            CommonUserVariableTotalSize += NewVariableSize;\r
+          }\r
         }\r
         if ((HwErrVariableTotalSize > PcdGet32 (PcdHwErrStorageSize)) ||\r
-            (CommonVariableTotalSize > VariableStoreHeader->Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize))) {\r
+            (CommonVariableTotalSize > mVariableModuleGlobal->CommonVariableSpace) ||\r
+            (CommonUserVariableTotalSize > mVariableModuleGlobal->CommonMaxUserVariableSpace)) {\r
           //\r
           // No enough space to store the new variable by NV or NV+HR attribute.\r
           //\r
@@ -1038,19 +1236,24 @@ Reclaim (
       *LastVariableOffset = (UINTN) (CurrPtr - ValidBuffer);\r
       mVariableModuleGlobal->HwErrVariableTotalSize = HwErrVariableTotalSize;\r
       mVariableModuleGlobal->CommonVariableTotalSize = CommonVariableTotalSize;\r
+      mVariableModuleGlobal->CommonUserVariableTotalSize = CommonUserVariableTotalSize;\r
     } else {\r
-      NextVariable  = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase);\r
-      while (IsValidVariableHeader (NextVariable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase))) {\r
-        VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER);\r
+      Variable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase);\r
+      while (IsValidVariableHeader (Variable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase))) {\r
+        NextVariable = GetNextVariablePtr (Variable);\r
+        VariableSize = (UINTN) NextVariable - (UINTN) Variable;\r
         if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
-          mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+          mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize;\r
         } else if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {\r
-          mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+          mVariableModuleGlobal->CommonVariableTotalSize += VariableSize;\r
+          if (IsUserVariable (Variable)) {\r
+            mVariableModuleGlobal->CommonUserVariableTotalSize += VariableSize;\r
+          }\r
         }\r
 \r
-        NextVariable = GetNextVariablePtr (NextVariable);\r
+        Variable = NextVariable;\r
       }\r
-      *LastVariableOffset = (UINTN) NextVariable - (UINTN) VariableBase;\r
+      *LastVariableOffset = (UINTN) Variable - (UINTN) VariableBase;\r
     }\r
   }\r
 \r
@@ -1921,7 +2124,6 @@ UpdateVariable (
   VARIABLE_HEADER                     *NextVariable;\r
   UINTN                               ScratchSize;\r
   UINTN                               MaxDataSize;\r
-  UINTN                               NonVolatileVarableStoreSize;\r
   UINTN                               VarNameOffset;\r
   UINTN                               VarDataOffset;\r
   UINTN                               VarNameSize;\r
@@ -1937,6 +2139,8 @@ UpdateVariable (
   UINTN                               MergedBufSize;\r
   BOOLEAN                             DataReady;\r
   UINTN                               DataOffset;\r
+  BOOLEAN                             IsCommonVariable;\r
+  BOOLEAN                             IsCommonUserVariable;\r
 \r
   if (mVariableModuleGlobal->FvbInstance == NULL) {\r
     //\r
@@ -2298,12 +2502,25 @@ UpdateVariable (
     // Create a nonvolatile variable.\r
     //\r
     Volatile = FALSE;\r
-    NonVolatileVarableStoreSize = ((VARIABLE_STORE_HEADER *)(UINTN)(mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase))->Size;\r
+\r
+    IsCommonVariable = FALSE;\r
+    IsCommonUserVariable = FALSE;\r
+    if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0) {\r
+      IsCommonVariable = TRUE;\r
+      IsCommonUserVariable = IsUserVariable (NextVariable);\r
+    }\r
     if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)\r
       && ((VarSize + mVariableModuleGlobal->HwErrVariableTotalSize) > PcdGet32 (PcdHwErrStorageSize)))\r
-      || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)\r
-      && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > NonVolatileVarableStoreSize - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize)))) {\r
+      || (IsCommonVariable && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > mVariableModuleGlobal->CommonVariableSpace))\r
+      || (IsCommonVariable && AtRuntime () && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > mVariableModuleGlobal->CommonRuntimeVariableSpace))\r
+      || (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal->CommonUserVariableTotalSize) > mVariableModuleGlobal->CommonMaxUserVariableSpace))) {\r
       if (AtRuntime ()) {\r
+        if (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal->CommonUserVariableTotalSize) > mVariableModuleGlobal->CommonMaxUserVariableSpace)) {\r
+          RecordVarErrorFlag (VAR_ERROR_FLAG_USER_ERROR, VariableName, VendorGuid, Attributes, VarSize);\r
+        }\r
+        if (IsCommonVariable && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > mVariableModuleGlobal->CommonRuntimeVariableSpace)) {\r
+          RecordVarErrorFlag (VAR_ERROR_FLAG_SYSTEM_ERROR, VariableName, VendorGuid, Attributes, VarSize);\r
+        }\r
         Status = EFI_OUT_OF_RESOURCES;\r
         goto Done;\r
       }\r
@@ -2329,6 +2546,13 @@ UpdateVariable (
         }\r
         UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE, FALSE, FALSE);\r
         FlushHobVariableToFlash (VariableName, VendorGuid);\r
+      } else {\r
+        if (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal->CommonUserVariableTotalSize) > mVariableModuleGlobal->CommonMaxUserVariableSpace)) {\r
+          RecordVarErrorFlag (VAR_ERROR_FLAG_USER_ERROR, VariableName, VendorGuid, Attributes, VarSize);\r
+        }\r
+        if (IsCommonVariable && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > mVariableModuleGlobal->CommonVariableSpace)) {\r
+          RecordVarErrorFlag (VAR_ERROR_FLAG_SYSTEM_ERROR, VariableName, VendorGuid, Attributes, VarSize);\r
+        }\r
       }\r
       goto Done;\r
     }\r
@@ -2414,6 +2638,9 @@ UpdateVariable (
       mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VarSize);\r
     } else {\r
       mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VarSize);\r
+      if (IsCommonUserVariable) {\r
+        mVariableModuleGlobal->CommonUserVariableTotalSize += HEADER_ALIGN (VarSize);\r
+      }\r
     }\r
     //\r
     // update the memory copy of Flash region.\r
@@ -2585,63 +2812,6 @@ IsHwErrRecVariable (
   return TRUE;\r
 }\r
 \r
-/**\r
-  This code checks if variable guid is global variable guid first.\r
-  If yes, further check if variable name is in mGlobalVariableList or mGlobalVariableList2 and attributes matched.\r
-\r
-  @param[in] VariableName       Pointer to variable name.\r
-  @param[in] VendorGuid         Variable Vendor Guid.\r
-  @param[in] Attributes         Attributes of the variable.\r
-\r
-  @retval EFI_SUCCESS           Variable is not global variable, or Variable is global variable, variable name is in the lists and attributes matched.\r
-  @retval EFI_INVALID_PARAMETER Variable is global variable, but variable name is not in the lists or attributes unmatched.\r
-\r
-**/\r
-EFI_STATUS\r
-EFIAPI\r
-CheckEfiGlobalVariable (\r
-  IN CHAR16             *VariableName,\r
-  IN EFI_GUID           *VendorGuid,\r
-  IN UINT32             Attributes\r
-  )\r
-{\r
-  UINTN     Index;\r
-  UINTN     NameLength;\r
-\r
-  if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)){\r
-    //\r
-    // Try list 1, exactly match.\r
-    //\r
-    for (Index = 0; Index < sizeof (mGlobalVariableList)/sizeof (mGlobalVariableList[0]); Index++) {\r
-      if ((StrCmp (mGlobalVariableList[Index].Name, VariableName) == 0) &&\r
-          (Attributes == 0 || (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) == mGlobalVariableList[Index].Attributes)) {\r
-        return EFI_SUCCESS;\r
-      }\r
-    }\r
-\r
-    //\r
-    // Try list 2.\r
-    //\r
-    NameLength = StrLen (VariableName) - 4;\r
-    for (Index = 0; Index < sizeof (mGlobalVariableList2)/sizeof (mGlobalVariableList2[0]); Index++) {\r
-      if ((StrLen (VariableName) == StrLen (mGlobalVariableList2[Index].Name)) &&\r
-          (StrnCmp (mGlobalVariableList2[Index].Name, VariableName, NameLength) == 0) &&\r
-          IsHexaDecimalDigitCharacter (VariableName[NameLength]) &&\r
-          IsHexaDecimalDigitCharacter (VariableName[NameLength + 1]) &&\r
-          IsHexaDecimalDigitCharacter (VariableName[NameLength + 2]) &&\r
-          IsHexaDecimalDigitCharacter (VariableName[NameLength + 3]) &&\r
-          (Attributes == 0 || (Attributes & (~EFI_VARIABLE_APPEND_WRITE)) == mGlobalVariableList2[Index].Attributes)) {\r
-        return EFI_SUCCESS;\r
-      }\r
-    }\r
-\r
-    DEBUG ((EFI_D_INFO, "[Variable]: set global variable with invalid variable name or attributes - %g:%s:%x\n", VendorGuid, VariableName, Attributes));\r
-    return EFI_INVALID_PARAMETER;\r
-  }\r
-\r
-  return EFI_SUCCESS;\r
-}\r
-\r
 /**\r
   Mark a variable that will become read-only after leaving the DXE phase of execution.\r
 \r
@@ -2666,6 +2836,7 @@ VariableLockRequestToLock (
   )\r
 {\r
   VARIABLE_ENTRY                  *Entry;\r
+  CHAR16                          *Name;\r
 \r
   if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {\r
     return EFI_INVALID_PARAMETER;\r
@@ -2675,7 +2846,7 @@ VariableLockRequestToLock (
     return EFI_ACCESS_DENIED;\r
   }\r
 \r
-  Entry = AllocateRuntimePool (sizeof (*Entry) + StrSize (VariableName));\r
+  Entry = AllocateRuntimeZeroPool (sizeof (*Entry) + StrSize (VariableName));\r
   if (Entry == NULL) {\r
     return EFI_OUT_OF_RESOURCES;\r
   }\r
@@ -2684,8 +2855,8 @@ VariableLockRequestToLock (
 \r
   AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
 \r
-  Entry->Name = (CHAR16 *) (Entry + 1);\r
-  StrCpy   (Entry->Name, VariableName);\r
+  Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
+  StrnCpy   (Name, VariableName, StrLen (VariableName));\r
   CopyGuid (&Entry->Guid, VendorGuid);\r
   InsertTailList (&mLockedVariableList, &Entry->Link);\r
 \r
@@ -2694,39 +2865,6 @@ VariableLockRequestToLock (
   return EFI_SUCCESS;\r
 }\r
 \r
-/**\r
-  This code checks if variable should be treated as read-only variable.\r
-\r
-  @param[in]      VariableName            Name of the Variable.\r
-  @param[in]      VendorGuid              GUID of the Variable.\r
-\r
-  @retval TRUE      This variable is read-only variable.\r
-  @retval FALSE     This variable is NOT read-only variable.\r
-\r
-**/\r
-BOOLEAN\r
-IsReadOnlyVariable (\r
-  IN     CHAR16         *VariableName,\r
-  IN     EFI_GUID       *VendorGuid\r
-  )\r
-{\r
-  if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)) {\r
-    if ((StrCmp (VariableName, EFI_SETUP_MODE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_SIGNATURE_SUPPORT_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_SECURE_BOOT_MODE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_VENDOR_KEYS_VARIABLE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_KEK_DEFAULT_VARIABLE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_PK_DEFAULT_VARIABLE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_DB_DEFAULT_VARIABLE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_DBX_DEFAULT_VARIABLE_NAME) == 0) ||\r
-        (StrCmp (VariableName, EFI_DBT_DEFAULT_VARIABLE_NAME) == 0)) {\r
-      return TRUE;\r
-    }\r
-  }\r
-\r
-  return FALSE;\r
-}\r
-\r
 /**\r
 \r
   This code finds variable in storage blocks (Volatile or Non-Volatile).\r
@@ -3015,6 +3153,7 @@ VariableServiceSetVariable (
   UINTN                               PayloadSize;\r
   LIST_ENTRY                          *Link;\r
   VARIABLE_ENTRY                      *Entry;\r
+  CHAR16                              *Name;\r
 \r
   //\r
   // Check input parameters.\r
@@ -3023,10 +3162,6 @@ VariableServiceSetVariable (
     return EFI_INVALID_PARAMETER;\r
   }\r
 \r
-  if (IsReadOnlyVariable (VariableName, VendorGuid)) {\r
-    return EFI_WRITE_PROTECTED;\r
-  }\r
-\r
   if (DataSize != 0 && Data == NULL) {\r
     return EFI_INVALID_PARAMETER;\r
   }\r
@@ -3105,11 +3240,6 @@ VariableServiceSetVariable (
     }\r
   }\r
 \r
-  Status = CheckEfiGlobalVariable (VariableName, VendorGuid, Attributes);\r
-  if (EFI_ERROR (Status)) {\r
-    return Status;\r
-  }\r
-\r
   AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);\r
 \r
   //\r
@@ -3136,7 +3266,8 @@ VariableServiceSetVariable (
         ; Link = GetNextNode (&mLockedVariableList, Link)\r
         ) {\r
       Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);\r
-      if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Entry->Name, VariableName) == 0)) {\r
+      Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));\r
+      if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {\r
         Status = EFI_WRITE_PROTECTED;\r
         DEBUG ((EFI_D_INFO, "[Variable]: Changing readonly variable after leaving DXE phase - %g:%s\n", VendorGuid, VariableName));\r
         goto Done;\r
@@ -3144,6 +3275,11 @@ VariableServiceSetVariable (
     }\r
   }\r
 \r
+  Status = InternalVarCheckSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));\r
+  if (EFI_ERROR (Status)) {\r
+    goto Done;\r
+  }\r
+\r
   //\r
   // Check whether the input variable is already existed.\r
   //\r
@@ -3161,6 +3297,7 @@ VariableServiceSetVariable (
       // 2. The only attribute differing is EFI_VARIABLE_APPEND_WRITE\r
       //\r
       Status = EFI_INVALID_PARAMETER;\r
+      DEBUG ((EFI_D_INFO, "[Variable]: Rewritten a preexisting variable(0x%08x) with different attributes(0x%08x) - %g:%s\n", Variable.CurrPtr->Attributes, Attributes, VendorGuid, VariableName));\r
       goto Done;\r
     }\r
   }\r
@@ -3281,8 +3418,11 @@ VariableServiceQueryVariableInfoInternal (
     *MaximumVariableSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - sizeof (VARIABLE_HEADER);\r
   } else {\r
     if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {\r
-      ASSERT (PcdGet32 (PcdHwErrStorageSize) < VariableStoreHeader->Size);\r
-      *MaximumVariableStorageSize = VariableStoreHeader->Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize);\r
+      if (AtRuntime ()) {\r
+        *MaximumVariableStorageSize = mVariableModuleGlobal->CommonRuntimeVariableSpace;\r
+      } else {\r
+        *MaximumVariableStorageSize = mVariableModuleGlobal->CommonVariableSpace;\r
+      }\r
     }\r
 \r
     //\r
@@ -3358,8 +3498,12 @@ VariableServiceQueryVariableInfoInternal (
 \r
   if ((Attributes  & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD){\r
     *RemainingVariableStorageSize = *MaximumVariableStorageSize - HwErrVariableTotalSize;\r
-  }else {\r
-    *RemainingVariableStorageSize = *MaximumVariableStorageSize - CommonVariableTotalSize;\r
+  } else {\r
+    if (*MaximumVariableStorageSize < CommonVariableTotalSize) {\r
+      *RemainingVariableStorageSize = 0;\r
+    } else {\r
+      *RemainingVariableStorageSize = *MaximumVariableStorageSize - CommonVariableTotalSize;\r
+    }\r
   }\r
 \r
   if (*RemainingVariableStorageSize < sizeof (VARIABLE_HEADER)) {\r
@@ -3407,7 +3551,7 @@ VariableServiceQueryVariableInfo (
     return EFI_INVALID_PARAMETER;\r
   }\r
 \r
-  if((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == 0) {\r
+  if ((Attributes & VARIABLE_ATTRIBUTE_NV_BS_RT_AT_HR_AW) == 0) {\r
     //\r
     // Make sure the Attributes combination is supported by the platform.\r
     //\r
@@ -3455,21 +3599,22 @@ ReclaimForOS(
   )\r
 {\r
   EFI_STATUS                     Status;\r
-  UINTN                          CommonVariableSpace;\r
-  UINTN                          RemainingCommonVariableSpace;\r
+  UINTN                          RemainingCommonRuntimeVariableSpace;\r
   UINTN                          RemainingHwErrVariableSpace;\r
 \r
   Status  = EFI_SUCCESS;\r
 \r
-  CommonVariableSpace = ((VARIABLE_STORE_HEADER *) ((UINTN) (mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase)))->Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize); //Allowable max size of common variable storage space\r
-\r
-  RemainingCommonVariableSpace = CommonVariableSpace - mVariableModuleGlobal->CommonVariableTotalSize;\r
+  if (mVariableModuleGlobal->CommonRuntimeVariableSpace < mVariableModuleGlobal->CommonVariableTotalSize) {\r
+    RemainingCommonRuntimeVariableSpace = 0;\r
+  } else {\r
+    RemainingCommonRuntimeVariableSpace = mVariableModuleGlobal->CommonRuntimeVariableSpace - mVariableModuleGlobal->CommonVariableTotalSize;\r
+  }\r
 \r
   RemainingHwErrVariableSpace = PcdGet32 (PcdHwErrStorageSize) - mVariableModuleGlobal->HwErrVariableTotalSize;\r
   //\r
-  // Check if the free area is blow a threshold.\r
+  // Check if the free area is below a threshold.\r
   //\r
-  if ((RemainingCommonVariableSpace < PcdGet32 (PcdMaxVariableSize))\r
+  if ((RemainingCommonRuntimeVariableSpace < PcdGet32 (PcdMaxVariableSize))\r
     || ((PcdGet32 (PcdHwErrStorageSize) != 0) &&\r
        (RemainingHwErrVariableSpace < PcdGet32 (PcdMaxHardwareErrorVariableSize)))){\r
     Status = Reclaim (\r
@@ -3499,6 +3644,7 @@ InitNonVolatileVariableStore (
   )\r
 {\r
   EFI_FIRMWARE_VOLUME_HEADER            *FvHeader;\r
+  VARIABLE_HEADER                       *Variable;\r
   VARIABLE_HEADER                       *NextVariable;\r
   EFI_PHYSICAL_ADDRESS                  VariableStoreBase;\r
   UINT64                                VariableStoreLength;\r
@@ -3510,17 +3656,12 @@ InitNonVolatileVariableStore (
   FAULT_TOLERANT_WRITE_LAST_WRITE_DATA  *FtwLastWriteData;\r
   UINT32                                BackUpOffset;\r
   UINT32                                BackUpSize;\r
+  UINT32                                HwErrStorageSize;\r
+  UINT32                                MaxUserNvVariableSpaceSize;\r
+  UINT32                                BoottimeReservedNvVariableSpaceSize;\r
 \r
   mVariableModuleGlobal->FvbInstance = NULL;\r
 \r
-  //\r
-  // Note that in EdkII variable driver implementation, Hardware Error Record type variable\r
-  // is stored with common variable in the same NV region. So the platform integrator should\r
-  // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of\r
-  // PcdFlashNvStorageVariableSize.\r
-  //\r
-  ASSERT (PcdGet32 (PcdHwErrStorageSize) <= PcdGet32 (PcdFlashNvStorageVariableSize));\r
-\r
   //\r
   // Allocate runtime memory used for a memory copy of the FLASH region.\r
   // Keep the memory and the FLASH in sync as updates occur.\r
@@ -3590,6 +3731,37 @@ InitNonVolatileVariableStore (
   }\r
   ASSERT(mNvVariableCache->Size == VariableStoreLength);\r
 \r
+\r
+  ASSERT (sizeof (VARIABLE_STORE_HEADER) <= VariableStoreLength);\r
+\r
+  HwErrStorageSize = PcdGet32 (PcdHwErrStorageSize);\r
+  MaxUserNvVariableSpaceSize = PcdGet32 (PcdMaxUserNvVariableSpaceSize);\r
+  BoottimeReservedNvVariableSpaceSize = PcdGet32 (PcdBoottimeReservedNvVariableSpaceSize);\r
+\r
+  //\r
+  // Note that in EdkII variable driver implementation, Hardware Error Record type variable\r
+  // is stored with common variable in the same NV region. So the platform integrator should\r
+  // ensure that the value of PcdHwErrStorageSize is less than the value of\r
+  // VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)).\r
+  //\r
+  ASSERT (HwErrStorageSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)));\r
+  //\r
+  // Ensure that the value of PcdMaxUserNvVariableSpaceSize is less than the value of\r
+  // VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)) - PcdGet32 (PcdHwErrStorageSize).\r
+  //\r
+  ASSERT (MaxUserNvVariableSpaceSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize));\r
+  //\r
+  // Ensure that the value of PcdBoottimeReservedNvVariableSpaceSize is less than the value of\r
+  // VariableStoreLength - sizeof (VARIABLE_STORE_HEADER)) - PcdGet32 (PcdHwErrStorageSize).\r
+  //\r
+  ASSERT (BoottimeReservedNvVariableSpaceSize < (VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize));\r
+\r
+  mVariableModuleGlobal->CommonVariableSpace = ((UINTN) VariableStoreLength - sizeof (VARIABLE_STORE_HEADER) - HwErrStorageSize);\r
+  mVariableModuleGlobal->CommonMaxUserVariableSpace = ((MaxUserNvVariableSpaceSize != 0) ? MaxUserNvVariableSpaceSize : mVariableModuleGlobal->CommonVariableSpace);\r
+  mVariableModuleGlobal->CommonRuntimeVariableSpace = mVariableModuleGlobal->CommonVariableSpace - BoottimeReservedNvVariableSpaceSize;\r
+\r
+  DEBUG ((EFI_D_INFO, "Variable driver common space: 0x%x 0x%x 0x%x\n", mVariableModuleGlobal->CommonVariableSpace, mVariableModuleGlobal->CommonMaxUserVariableSpace, mVariableModuleGlobal->CommonRuntimeVariableSpace));\r
+\r
   //\r
   // The max variable or hardware error variable size should be < variable store size.\r
   //\r
@@ -3598,18 +3770,19 @@ InitNonVolatileVariableStore (
   //\r
   // Parse non-volatile variable data and get last variable offset.\r
   //\r
-  NextVariable  = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase);\r
-  while (IsValidVariableHeader (NextVariable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase))) {\r
-    VariableSize = NextVariable->NameSize + NextVariable->DataSize + sizeof (VARIABLE_HEADER);\r
-    if ((NextVariable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
-      mVariableModuleGlobal->HwErrVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+  Variable  = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase);\r
+  while (IsValidVariableHeader (Variable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableStoreBase))) {\r
+    NextVariable = GetNextVariablePtr (Variable);\r
+    VariableSize = (UINTN) NextVariable - (UINTN) Variable;\r
+    if ((Variable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {\r
+      mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize;\r
     } else {\r
-      mVariableModuleGlobal->CommonVariableTotalSize += HEADER_ALIGN (VariableSize);\r
+      mVariableModuleGlobal->CommonVariableTotalSize += VariableSize;\r
     }\r
 \r
-    NextVariable = GetNextVariablePtr (NextVariable);\r
+    Variable = NextVariable;\r
   }\r
-  mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) VariableStoreBase;\r
+  mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) Variable - (UINTN) VariableStoreBase;\r
 \r
   return EFI_SUCCESS;\r
 }\r
@@ -3883,8 +4056,9 @@ GetFvbInfoByAddress (
   UINTN                                   Index;\r
   EFI_PHYSICAL_ADDRESS                    FvbBaseAddress;\r
   EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL      *Fvb;\r
-  EFI_FIRMWARE_VOLUME_HEADER              *FwVolHeader;\r
   EFI_FVB_ATTRIBUTES_2                    Attributes;\r
+  UINTN                                   BlockSize;\r
+  UINTN                                   NumberOfBlocks;\r
 \r
   HandleBuffer = NULL;\r
   //\r
@@ -3922,8 +4096,15 @@ GetFvbInfoByAddress (
       continue;\r
     }\r
 \r
-    FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN) FvbBaseAddress);\r
-    if ((Address >= FvbBaseAddress) && (Address < (FvbBaseAddress + FwVolHeader->FvLength))) {\r
+    //\r
+    // Assume one FVB has one type of BlockSize.\r
+    //\r
+    Status = Fvb->GetBlockSize (Fvb, 0, &BlockSize, &NumberOfBlocks);\r
+    if (EFI_ERROR (Status)) {\r
+      continue;\r
+    }\r
+\r
+    if ((Address >= FvbBaseAddress) && (Address < (FvbBaseAddress + BlockSize * NumberOfBlocks))) {\r
       if (FvbHandle != NULL) {\r
         *FvbHandle  = HandleBuffer[Index];\r
       }\r