]> git.proxmox.com Git - mirror_edk2.git/blobdiff - SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
projects / mirror_edk2.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add comments to clarify mPubKeyStore buffer MemCopy. There is no memory overflow...
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / VariableSmm.inf
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
index 279a9248e292e9a93ead06b49cdf7afc8162c949..1987764d803c40802fb12874d7ee3d5eb2c0fc63 100644 (file)
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
@@ -13,6 +13,10 @@
 #  This driver will have external input - variable data and communicate buffer in SMM mode.\r
 #  This external input must be validated carefully to avoid security issues such as \r
 #  buffer overflow or integer overflow.\r
+#    The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
+#  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory\r
+#  may not be modified without authorization. If platform fails to protect these resources, \r
+#  the authentication service provided in this driver will be broken, and the behavior is undefined.\r
 #\r
 # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>\r
 # This program and the accompanying materials\r
EFI Development Kit II mirror for PVE