## @file\r
-# Component description file for SMM Authenticated Variable module.\r
+# Provides SMM authenticated variable service\r
#\r
# This module installs SMM variable protocol into SMM protocol database,\r
# which can be used by SMM driver, and installs SMM variable protocol\r
# into BS protocol database, which can be used to notify the SMM Runtime\r
# Dxe driver that the SMM variable service is ready.\r
# This module should be used with SMM Runtime DXE module together. The\r
-# SMM Runtime DXE module would install variable arch protocol and variable\r
+# SMM Runtime DXE module installs variable arch protocol and variable\r
# write arch protocol based on SMM variable module.\r
#\r
-# Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+# Caution: This module requires additional review when modified.\r
+# This driver will have external input - variable data and communicate buffer in SMM mode.\r
+# This external input must be validated carefully to avoid security issues such as \r
+# buffer overflow or integer overflow.\r
+# The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
+# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory\r
+# may not be modified without authorization. If platform fails to protect these resources, \r
+# the authentication service provided in this driver will be broken, and the behavior is undefined.\r
+#\r
+# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
# This program and the accompanying materials\r
# are licensed and made available under the terms and conditions of the BSD License\r
# which accompanies this distribution. The full text of the license may be found at\r
\r
[Defines]\r
INF_VERSION = 0x00010005\r
- BASE_NAME = VariableSmm\r
+ BASE_NAME = VariableAuthSmm\r
+ MODULE_UNI_FILE = VariableAuthSmm.uni\r
FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211\r
MODULE_TYPE = DXE_SMM_DRIVER\r
VERSION_STRING = 1.0\r
Variable.c\r
VariableSmm.c\r
AuthService.c\r
+ VarCheck.c\r
Variable.h\r
AuthService.h\r
\r
BaseCryptLib\r
PlatformSecureLib\r
HobLib\r
+ PcdLib\r
+ DevicePathLib\r
+ SmmMemLib\r
\r
[Protocols]\r
- gEfiSmmFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES\r
- gEfiSmmVariableProtocolGuid ## ALWAYS_PRODUCES\r
- gEfiSmmFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES\r
+ gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES\r
+ \r
+ ## PRODUCES\r
+ ## UNDEFINED # SmiHandlerRegister\r
+ gEfiSmmVariableProtocolGuid\r
+ \r
+ ## CONSUMES\r
+ ## NOTIFY \r
+ gEfiSmmFaultTolerantWriteProtocolGuid\r
+ gEfiSmmEndOfDxeProtocolGuid ## NOTIFY\r
+ gEdkiiSmmVarCheckProtocolGuid ## PRODUCES\r
\r
[Guids]\r
- gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid\r
- gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid\r
- gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid\r
- gEfiCertTypeRsa2048Sha256Guid\r
+ ## PRODUCES ## GUID # Variable store header\r
+ ## CONSUMES ## GUID # Variable store header\r
+ ## SOMETIMES_CONSUMES ## HOB\r
+ gEfiAuthenticatedVariableGuid\r
+ \r
+ ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang"\r
+ ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"Lang"\r
+ ## SOMETIMES_PRODUCES ## Variable:L"Lang"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"\r
+ ## CONSUMES ## Variable:L"SetupMode"\r
+ ## PRODUCES ## Variable:L"SetupMode"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"\r
+ ## CONSUMES ## Variable:L"SecureBoot"\r
+ ## PRODUCES ## Variable:L"SecureBoot"\r
+ ## CONSUMES ## Variable:L"SignatureSupport"\r
+ ## PRODUCES ## Variable:L"SignatureSupport"\r
+ ## PRODUCES ## Variable:L"VendorKeys"\r
+ gEfiGlobalVariableGuid\r
+ \r
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"\r
gEfiImageSecurityDatabaseGuid\r
- gEfiCertX509Guid\r
- gEfiCertPkcs7Guid\r
- gEfiCertRsa2048Guid\r
+ \r
+ ## CONSUMES ## Variable:L"SecureBootEnable"\r
+ ## PRODUCES ## Variable:L"SecureBootEnable"\r
gEfiSecureBootEnableDisableGuid\r
- gEfiSystemNvDataFvGuid ## CONSUMES\r
+ \r
+ ## CONSUMES ## Variable:L"CustomMode"\r
+ ## PRODUCES ## Variable:L"CustomMode"\r
+ gEfiCustomModeEnableGuid\r
+ \r
+ ## CONSUMES ## Variable:L"certdb"\r
+ ## PRODUCES ## Variable:L"certdb"\r
+ gEfiCertDbGuid\r
+\r
+ ## CONSUMES ## Variable:L"VendorKeysNv"\r
+ ## PRODUCES ## Variable:L"VendorKeysNv"\r
+ gEfiVendorKeysNvGuid\r
+ \r
+ gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol\r
+ gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.\r
+ gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.\r
+ gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r
+ gEfiSystemNvDataFvGuid ## CONSUMES ## GUID\r
+ gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"\r
+ gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB\r
+ gEdkiiVarErrorFlagGuid ## CONSUMES ## GUID\r
\r
[Pcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe ## CONSUMES\r
\r
[FeaturePcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## SOMETIME_CONSUMES (statistic the information of variable.)\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.\r
+ gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang\r
\r
[Depex]\r
TRUE\r
-\r
-\r
+ \r
+[UserExtensions.TianoCore."ExtraFiles"]\r
+ VariableSmmExtra.uni\r
projects / mirror_edk2.git / blobdiff